In this short article I'll walk you through the steps involved in configuring a logical interface on a Solaris system.
Logical interfaces come in handy when we need to assign multiple IP addresses to a single physical NIC card. This technique was especially useful while configuring zones on Solaris 10. with Solaris 11 the network stack was significantly re-written and we don't really use logcial interfaces for zones on our Solaris 11 systems.
First we plumb the interface:
root@sandbox:/# ifconfig e1000g0:1 plumb
The plumb argument with the ifconfig command makes the interface corresponding to the physical device/ NIC card available for TCP/IP communication.
Let's see if we can see it in ifconfig:
root@sandbox:/# ifconfig e1000g0:1
e1000g0:1: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 0.0.0.0 netmask 0
Logical interfaces come in handy when we need to assign multiple IP addresses to a single physical NIC card. This technique was especially useful while configuring zones on Solaris 10. with Solaris 11 the network stack was significantly re-written and we don't really use logcial interfaces for zones on our Solaris 11 systems.
First we plumb the interface:
root@sandbox:/# ifconfig e1000g0:1 plumb
The plumb argument with the ifconfig command makes the interface corresponding to the physical device/ NIC card available for TCP/IP communication.
Let's see if we can see it in ifconfig:
root@sandbox:/# ifconfig e1000g0:1
e1000g0:1: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 0.0.0.0 netmask 0
The interface is available but is in a down state and carries no network traffic.
Now, we assign an IP address to it and bring it up:
root@sandbox:/# ifconfig e1000g0:1 192.168.87.142 netmask 255.255.255.0 up
The ifconfig command now shows that an IP has been assigne dto the interface and it is up.
root@sandbox:/# ifconfig e1000g0:1
e1000g0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 192.168.87.142 netmask ffffff00 broadcast 192.168.87.255
To make the addition persistent across reboots we need to create a file /etc/hostname.interface name and add the IP address assigned to the interface in that file as shown below:
root@sandbox:/# echo 192.168.87.142 >> /etc/hostname.e1000g0:1
root@sandbox:/# cat /etc/hostname.e1000g0:1
192.168.87.142
Now, to verify that the logical interface is functioning correctly, we ping google.com through it.
root@sandbox:/# ping -i e1000g0:1 google.com
google.com is alive
As a final test we try to ssh to the host and check if snoop can pick on the traffic.
[user.DESKTOP-4NN)77O] ➤ ssh root@192.168.87.142
Last login: Sun Oct 1 15:51:32 2017 from 192.168.87.1
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
root@sandbox:/#
Snoop will not be able to capture packets on the logical interface because it does not have an underlying data link component. So I ran snoop on the underlaying interface e1000g0 and it did capture traffic for the logical interface e1000g0:1.
root@sandbox:/# snoop -d e1000g0
Using device e1000g0 (promiscuous mode)
sandbox -> 192.168.87.1 TCP D=63292 S=22 Push Ack=2221229257 Seq=382012030 Len=32 Win=49640
192.168.87.1 -> sandbox TCP D=22 S=63292 Ack=382012062 Seq=2221229257 Len=0 Win=2052
sandbox -> 192.168.87.2 DNS C 1.87.168.192.in-addr.arpa. Internet PTR ?
192.168.87.2 -> (broadcast) ARP C Who is 192.168.87.141, sandbox ?
sandbox -> 192.168.87.2 ARP R 192.168.87.141, sandbox is 0:c:29:59:30:b0
192.168.87.2 -> sandbox DNS R Error: 3(Name Error)
sandbox -> 192.168.87.2 DNS C 1.87.168.192.in-addr.arpa. Internet PTR ?
192.168.87.2 -> sandbox DNS R Error: 3(Name Error)
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Push Ack=454369125 Seq=3517627341 Len=32 Win=2050
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Push Ack=3517627373 Seq=454369125 Len=48 Win=49640
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Push Ack=3517627373 Seq=454369173 Len=48 Win=49640
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Push Ack=3517627373 Seq=454369221 Len=64 Win=49640
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Ack=454369285 Seq=3517627373 Len=0 Win=2050
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Push Ack=454369285 Seq=3517627373 Len=32 Win=2050
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Push Ack=454369285 Seq=3517627405 Len=64 Win=2050
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Ack=3517627469 Seq=454369285 Len=0 Win=49640
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Fin Ack=454369285 Seq=3517627469 Len=0 Win=2050
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Ack=3517627470 Seq=454369285 Len=0 Win=49640
192.168.87.142 -> 192.168.87.1 TCP D=63545 S=22 Fin Ack=3517627470 Seq=454369285 Len=0 Win=49640
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63545 Ack=454369286 Seq=3517627470 Len=0 Win=2050
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63550 Fin Ack=455480447 Seq=2920316502 Len=0 Win=2052
192.168.87.142 -> 192.168.87.1 TCP D=63550 S=22 Ack=2920316503 Seq=455480447 Len=0 Win=49640
192.168.87.142 -> 192.168.87.1 TCP D=63550 S=22 Fin Ack=2920316503 Seq=455480447 Len=0 Win=49640
192.168.87.1 -> 192.168.87.142 TCP D=22 S=63550 Ack=455480448 Seq=2920316503 Len=0 Win=2052
No comments:
Post a Comment