Hello all, thanks for reading my question:
So I've been a Unix/Linux SysAdmin for a couple years, and I'm a bit over my head running solo, trying to set up LDoms using Oracle VM Server 3.1 for SPARC. I've been very careful, and things have gone well up until the point I try to access the new virtual machines from the regular network.
I found the section in the Oracle VM Server 3.1 for SPARC manual that talks about enabling external connectivity, however it's very vague, and provides no examples. I did my best to follow the instructions, but I'm having zero luck getting from the virtual machine to the rest of my network and vice versa.
Can anyone help with where I can find an example of getting this to work? I feel like I've looked everywhere. Everything I've tried isn't working. Here's what I have so far:
1) I have the physical machine connected just fine to my network, no issues connecting, etc. The primary physical NIC is set up on net0. It has an IP address.
2) I created an etherstub (stub0) exactly as mentioned in step 1 of the manual linked above
3) I created a virtual switch (primary-stub-vsw0) on the etherstub (exactly as depicted in step 2)
4) I created a virtual NIC (vnic0) on the etherstub (exactly like step 3)
5) I configured vnic0 and gave it a private IP address not in use anywhere on my network (similar to step 4, but I used 192.168.3.2 for the IP)
ipadm shows the following:
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 10.12.20.86/24
net1 ip down -- --
net2 ip down -- --
net3 ip down -- --
vnic0 ip ok -- --
vnic0/v4 static ok -- 192.168.3.2/24
dladm shows the following:
net1 phys 1500 up --
net2 phys 1500 up --
net3 phys 1500 up --
net0 phys 1500 up --
net5 phys 1500 up --
stub0 etherstub 1500 unknown --
vnic0 vnic 1500 up stub0
ldoms-vsw1.vport0 vnic 1500 up stub0
and the network sections of ldm list-bindings shows:
NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
primary active -n-cv- SP 2 8G 0.7% 31d 2h 22m
...
VSW
NAME MAC NET-DEV ID DEVICE LINKPROP DEFAULT-VLAN-ID PVID VID MTU MODE INTER-VNET-LINK
primary-stub-vsw0 00:14:4f:fb:c9:5b stub0 1 switch@1 1 1 1500 on
PEER MAC PVID VID MTU MAXBW LINKPROP INTERVNETLINK
vnet0@test1 00:14:4f:fa:c6:d1 1 1500
------------------------------------------------------------------------------
NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
test1 active -n---- 5000 8 8G 0.1% 7d 21h 10m
...
NETWORK
NAME SERVICE ID DEVICE MAC MODE PVID VID MTU MAXBW LINKPROP
vnet0 primary-stub-vsw0@primary 1 network@1 00:14:4f:fa:c6:d1 1 1500
PEER MAC MODE PVID VID MTU MAXBW LINKPROP
primary-stub-vsw0@primary 00:14:4f:fb:c9:5b 1 1500
6) I turned on packet forwarding globally. Results of ipadm show-prop -p forwarding ip:
PROTO PROPERTY PERM CURRENT PERSISTENT DEFAULT POSSIBLE
ipv4 forwarding rw on on off on,off
ipv6 forwarding rw off -- off on,off
7) I set up some NAT rules to forward all packets from the vnic0 to net0. Content of /etc/ipf/ipnat.conf:
map vnic0 192.168.3.0/24 -> 0/32 portmap tcp/udp auto
map vnic0 192.168.3.0/24 -> 0/32
...and output of ipnat -l:
List of active MAP/Redirect filters:
map net0 192.168.3.0/24 -> 0.0.0.0/32 portmap tcp/udp auto
map net0 192.168.3.0/24 -> 0.0.0.0/32
List of active sessions:
8) On my LDom (test1), I set up the NIC and gave it an IP address in the schema of our network. Output of ipadm on the LDom is as follows:
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 10.10.20.178/24
dladm shows:
LINK CLASS MTU STATE OVER
net0 phys 1500 up --
9) I set up a default route on the LDom with route -p add default 10.12.20.1
netstat -nr shows:
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ---------- ---------
default 10.10.20.1 UG 2 3122
10.10.20.0 10.10.20.178 U 3 11 net0
127.0.0.1 127.0.0.1 UH 2 83 lo0
Routing Table: IPv6
Destination/Mask Gateway Flags Ref Use If
--------------------------- --------------------------- ----- --- ------- -----
::1 ::1 UH 2 0 lo0
...but despite all this, I can't go anywhere or do anything. I can't ping the primary domain from the LDOM, I can't ping the LDOM from the primary domain, etc.
Does anyone have any insight? I would greatly appreciate the assist. Been stuck at this spot for over a week now.
Thanks in advance!
-Lyxix
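
An added example, not part of the original post: a Python consistency check over the addresses shown in the outputs above. It assumes the layout the post describes, where the guest reaches the network only through vnic0 on the etherstub and NAT on the primary domain; the function names and finding labels are hypothetical.

```python
import ipaddress

# Lines copied from the outputs in the post above.
PRIMARY_IPADM = "net0/v4 static ok -- 10.12.20.86/24\nvnic0/v4 static ok -- 192.168.3.2/24\n"
GUEST_IPADM = "net0/v4 static ok -- 10.10.20.178/24\n"
NAT_RULE = "map net0 192.168.3.0/24 -> 0.0.0.0/32"
GUEST_GATEWAY = "10.10.20.1"  # default route in netstat -nr on test1


def parse_ipadm(text):
    """Map address-object names such as 'vnic0/v4' to ip_interface objects."""
    addrs = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and "/" in fields[0] and fields[1] == "static":
            addrs[fields[0]] = ipaddress.ip_interface(fields[4])
    return addrs


def nat_source(rule):
    """Return the source network of an ipnat 'map' rule."""
    fields = rule.split()
    if len(fields) < 5 or fields[0] != "map" or fields[3] != "->":
        raise ValueError("not a map rule: %r" % rule)
    return ipaddress.ip_network(fields[2])


def check(primary_ipadm, guest_ipadm, nat_rule, gateway):
    """Return a label per addressing mismatch (assumed NAT-via-vnic0 layout)."""
    vnic = parse_ipadm(primary_ipadm)["vnic0/v4"]
    guest = parse_ipadm(guest_ipadm)["net0/v4"]
    gw = ipaddress.ip_address(gateway)
    findings = []
    if guest.network != vnic.network:         # guest and vnic0 share the etherstub segment
        findings.append("guest-not-on-vnic0-subnet")
    if guest.ip not in nat_source(nat_rule):  # the map rule only rewrites this source range
        findings.append("guest-outside-nat-source")
    if gw not in guest.network:               # a default gateway must be reachable on-link
        findings.append("gateway-not-on-link")
    if gw != vnic.ip:                         # vnic0 is the guest's only next hop on the stub
        findings.append("gateway-is-not-vnic0")
    return findings


if __name__ == "__main__":
    for finding in check(PRIMARY_IPADM, GUEST_IPADM, NAT_RULE, GUEST_GATEWAY):
        print(finding)
```

An empty result means the guest address, the NAT source range and the default gateway all agree with the vnic0 subnet.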