By Girish Moodalbail on Mar 26, 2010
With the integration of
PSARC 2009/306 Brussels II - ipadm and libipadm
PSARC 2010/080 Brussels II addendum
Solaris now has a new CLI utility called ipadm(1M) that can be used to perform:
\* IP interfaces management (creation/deletion)
\* IP address management (add, delete, show) for static IPv4 & IPv6
addresses, DHCP, stateless/stateful IPv6 Address configuraiton
\* protocol (IP/TCP/UDP/SCTP/ICMP) tunable management (set, get, reset)
global (ndd(1M)) tunables, as well as per-interface tunables.
\* provide persistence for all of the three features above so that on
reboot the configuration is reapplied.
Design doc: http://arc.opensolaris.org/caselog/PSARC/2010/080/materials/brussels2_design.pdf
ipadm(1M) man page: http://arc.opensolaris.org/caselog/PSARC/2010/080/materials/ipadm.1m.txt
This utility makes the configuration of IP interfaces and addresses on Solaris much simpler and
it has a similar look and feel of that of dladm(1M).
In this, 3 part series, I will first show how to create an IP interface and then add addresses on them.
UseCase 1: Create an IP interface and add IPv4 DHCP address on it.
'dladm show-link' will list all the data-links on the system.
# dladm show-link LINK CLASS MTU STATE BRIDGE OVER net0 phys 1500 up -- -- net1 phys 1500 down -- --'ipadm show-if' will list all the plumbed IP interfaces on the system.
# ipadm show-if IFNAME STATE CURRENT PERSISTENT lo0 ok -m-v-----46 ---From the above output, one can infer that the state of, lo0, loopback IP interface is ok and can handle both IPv4 and IPv6 packets. 'm' means multicast capability and 'v' means it's a virtual interface. For other flags, please read ipadm(1M) man page. Note: lo0 IP interface is always created on boot by the svc:/network/loopback:default SMF service.
'ipadm show-addr' displays all the configured addresses on the system.
# ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 lo0/v6 static ok ::1/128
With ipadm(1M) you can name your addresses. 'lo0/v4' and 'lo0/v6' are the names that map to addresses '127.0.0.1/8' and '::1/128' respectively. I will talk about this later in the blog.
Lets create an IP interface net0 and add a dhcp address on it.
# ipadm create-if net0 # ipadm show-if IFNAME STATE CURRENT PERSISTENT lo0 ok -m-v-----46 --- net0 down bm-------46 -46 # ipadm create-addr -T dhcp net0/dhcpaddr # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/dhcpaddr dhcp ok 10.30.25.174/22 lo0/v6 static ok ::1/128
The dhcp address was created and it's named to be 'net0/dhcpaddr'. You can see the various address properties related to the newly created DHCP addresss using 'ipadm show-addrprop'
# ipadm show-addrprop net0/dhcpaddr ADDROBJ PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE net0/dhcpaddr broadcast r- 10.30.27.255 -- 10.255.255.255 -- net0/dhcpaddr deprecated rw off -- off on,off net0/dhcpaddr prefixlen rw 22 -- 8 1-30,32 net0/dhcpaddr private rw off -- off on,off net0/dhcpaddr transmit rw on -- on on,off net0/dhcpaddr zone rw global -- global --
UseCase 2: Create an IP interface and add IPv4 static address on it.
# ipadm create-if net1 # ipadm create-addr -T static -a 192.168.1.101/24 net1/v4static # ipadm show-addr ADDROBJ TYPE STATE ADDR lo0/v4 static ok 127.0.0.1/8 net0/dhcpaddr dhcp ok 10.30.25.174/22 net1/v4static static inaccessible 192.168.1.101/24 lo0/v6 static ok ::1/128
The static address that was created is marked 'inaccessible' because the underlying data-link on which the address was created did not have IFF_RUNNING flag set. Probably it did not have a cable plugged into the NIC.
You can see all the interface related properties using 'ipadm show-ifprop'. You can enable forwarding for both ipv4 and ipv6 packets on this interface as shown below.
# ipadm set-ifprop -p forwarding=on -m ipv4 net1 # ipadm set-ifprop -p forwarding=on -m ipv6 net1 # ipadm show-ifprop -p forwarding net0 IFNAME PROPERTY PROTO PERM CURRENT PERSISTENT DEFAULT POSSIBLE net1 forwarding ipv4 rw on on off on,off net1 forwarding ipv6 rw on on off on,off
The value was set persistently, as can be veriifed by the PERSISTENT column. So, on reboot the forwarding will be enabled on this interface. To temporarily set forwarding one could use '-t' option.