To conserve Test Farm IP address space, some of the Test Farm virtual machine servers use port mapping with a Crossbow virtual network. This allows one Internet IP address to provide network access to many virtual machines. External ports are mapped to internal port 22 (ssh, scp), so secure networking is maintained. See the Crossbow documentation for details.
Virtual machines using Crossbow can be reserved under the Test Farm Virtual Machines interface.
The following shows how to set up a VNIC router on an x4200 running OpenSolaris. Physical networking (svc:/network/physical:default) is used, since NWAM does not support Crossbow at this time. The physical and virtual network interfaces are tested to make sure they survive a reboot. The IP address assigned to vnic0 serves as the default router for the other VNICs.
Etherstub and VNIC Router Creation
# dladm create-etherstub etherstub0
# dladm set-linkprop -p mtu=1500 etherstub0
# dladm create-vnic -l etherstub0 vnic0
# dladm show-link
LINK        CLASS      MTU   STATE    OVER
nge1        phys       1500  up       --
e1000g0     phys       1500  down     --
e1000g1     phys       1500  down     --
nge0        phys       1500  up       --
etherstub0  etherstub  1500  unknown  --
vnic0       vnic       1500  unknown  etherstub0
# dladm show-vnic
LINK   OVER        SPEED  MACADDRESS      MACADDRTYPE  VID
vnic0  etherstub0  0      2:8:20:9:54:46  random       0
Initial Network State
# netstat -rn
Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface
-------------------- -------------------- ----- ----- ---------- ---------
default              192.99.105.1         UG        1          1 nge0
192.99.105.0         192.99.105.33        U         1        460 nge0
127.0.0.1            127.0.0.1            UH        1        165 lo0
# svcs /network/physical
STATE     STIME     FMRI
disabled  22:40:58  svc:/network/physical:nwam
online    22:41:18  svc:/network/physical:default
Configure Network Files (to ensure persistence across reboots)
# cat /etc/inet/hosts
::1 x4200-010227.local localhost loghost
127.0.0.1 x4200-010227.local localhost loghost
192.99.105.33 x4200-010227 loghost
192.168.1.1 vnic0
# cat /etc/hostname.nge0
x4200-010227
# cat /etc/hostname.vnic0
vnic0
# cat /etc/inet/netmasks
192.99.105.0 255.255.255.0
192.168.1.0 255.255.255.0
# cat /etc/defaultrouter
192.99.105.1
# reboot
Network After Reboot
# netstat -rn
Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface
-------------------- -------------------- ----- ----- ---------- ---------
default              192.99.105.1         UG        1         85
192.99.105.0         192.99.105.33        U         1          3 nge0
192.168.1.0          192.168.1.1          U         1          1 vnic0
127.0.0.1            127.0.0.1            UH        1          0 lo0
Domain Name Resolution and IP Filter Setup
# cat /etc/resolv.conf
domain xyz.com
nameserver 192.99.99.99
nameserver 192.99.99.9
# cat /etc/defaultdomain
xyz.com
# cp /etc/nsswitch.dns /etc/nsswitch.conf
# cat /etc/nsswitch.dns
...
hosts: files dns mdns
ipnodes: files dns mdns
...
# svcadm enable route
# routeadm -u -e ipv4-forwarding
# routeadm
              Configuration   Current              Current
                     Option   Configuration        System State
---------------------------------------------------------------
               IPv4 routing   enabled              enabled
               IPv6 routing   disabled             disabled
            IPv4 forwarding   enabled              enabled
            IPv6 forwarding   disabled             disabled
           Routing services   "route:default ripng:default"
Routing daemons:
                      STATE   FMRI
                   disabled   svc:/network/routing/ripng:default
                     online   svc:/network/routing/ndp:default
                   disabled   svc:/network/routing/legacy-routing:ipv4
                   disabled   svc:/network/routing/legacy-routing:ipv6
                   disabled   svc:/network/routing/rdisc:default
                     online   svc:/network/routing/route:default
# cat /etc/ipf/ipnat.conf
map nge0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map nge0 192.168.1.0/24 -> 0.0.0.0/32
# svcadm enable ipfilter
# dladm create-vnic -l etherstub0 vnic100
# dladm show-link
LINK        CLASS      MTU   STATE    OVER
nge1        phys       1500  up       --
e1000g0     phys       1500  down     --
e1000g1     phys       1500  down     --
nge0        phys       1500  up       --
etherstub0  etherstub  1500  unknown  --
vnic0       vnic       1500  up       etherstub0
vnic100     vnic       1500  up       etherstub0
# cat /etc/ipf/ipnat.conf
map nge0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map nge0 192.168.1.0/24 -> 0.0.0.0/32
rdr nge0 192.99.105.33/32 port 20100 -> 192.168.1.100 port 22
# svcadm restart ipfilter
# ipnat -l
List of active MAP/Redirect filters:
map nge0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map nge0 192.168.1.0/24 -> 0.0.0.0/32
rdr nge0 192.99.105.33/32 port 20100 -> 192.168.1.100 port 22 tcp
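A check for the policy stated at the top of this page (external ports map only to internal port 22), as an added example that is not part of the original page: it parses ipnat.conf text and flags rdr rules that forward to a port other than 22, target an address outside the subnets named in the map rules, or reuse an external port. The function name audit_ipnat and the last two rules of the sample are constructed for illustration, and only the simple rdr form shown on this page (numeric addresses, single ports) is handled.

```python
import ipaddress
import re

# Constructed sample: the three rules from this page plus two deliberately
# bad rdr rules (lines 4 and 5) added for illustration.
SAMPLE_IPNAT = """\
map nge0 192.168.1.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map nge0 192.168.1.0/24 -> 0.0.0.0/32
rdr nge0 192.99.105.33/32 port 20100 -> 192.168.1.100 port 22
rdr nge0 192.99.105.33/32 port 20101 -> 192.168.1.101 port 23
rdr nge0 192.99.105.33/32 port 20100 -> 192.168.2.7 port 22
"""

# Matches only the simple "rdr if addr port N -> addr port M" form used here.
RDR = re.compile(r"^rdr\s+\S+\s+(\S+)\s+port\s+(\d+)\s+->\s+(\S+)\s+port\s+(\d+)")


def audit_ipnat(text, allowed_port=22):
    """Return (line_no, problem) pairs for rdr rules that break the policy."""
    nets, rdrs = [], []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        fields = line.split()
        if len(fields) >= 3 and fields[0] == "map":
            nets.append(ipaddress.ip_network(fields[2]))  # NATed source subnet
        match = RDR.match(line)
        if match:
            rdrs.append((no, match.groups()))

    findings, seen = [], {}
    for no, (ext, ext_port, dst, dst_port) in rdrs:
        if int(dst_port) != allowed_port:
            findings.append((no, f"forwards to port {dst_port}, not {allowed_port}"))
        if not any(ipaddress.ip_address(dst) in net for net in nets):
            findings.append((no, f"target {dst} is outside the NATed subnets"))
        key = (ext, ext_port)
        if key in seen:
            findings.append((no, f"external port {ext_port} already used on line {seen[key]}"))
        else:
            seen[key] = no
    return findings


if __name__ == "__main__":
    for no, problem in audit_ipnat(SAMPLE_IPNAT):
        print(f"line {no}: {problem}")
```

Run against the real file by passing the contents of /etc/ipf/ipnat.conf to audit_ipnat; an empty result means every redirect lands on ssh inside the virtual network.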
# cat crossbow.zonecfg
create -b
set zonepath=/bpool/zones/crossbow01
set autoboot=true
set ip-type=exclusive
add net
set physical=vnic100
end
# cat crossbow.syscfg
system_locale=C
terminal=vt100
network_interface=PRIMARY {
hostname=crossbow01
ip_address=192.168.1.100
netmask=255.255.255.0
protocol_ipv6=no
default_route=192.168.1.1}
root_password=xyzpdq
timezone=US/Mountain
timeserver=localhost
name_service=none
security_policy=none
nfs4_domain=dynamic
Use the Zone Setup procedure to complete the zone creation process.
bash-3.2$ ssh root@192.99.105.33 -p 20100
Password:
Last login: Mon Jul 27 10:36:10 2009 from xyz
Sun Microsystems Inc. SunOS 5.11 snv_111b November 2008
root@crossbow01:~# netstat -rn
Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface
-------------------- -------------------- ----- ----- ---------- ---------
default              192.168.1.1          UG        1          8
192.168.1.0          192.168.1.100        U         1          4 vnic100
127.0.0.1            127.0.0.1            UH        1          2 lo0
© 2012, Oracle Corporation and/or its affiliates.