Prior to Solaris 11, it was always possible to add a virtual, or secondary IP address to a network interface, such as bge0:1
on top of bge0
.
Solaris 11 takes things an important step further, by allowing you to encapsulate an IP address within a virtual network interface object. This object can be treated as a first class network entity in its own right. It is possible to run snoop
on it. It is also possible to assign it to a zone, and allow the zone to have full access to it, without compromising the security of the physical device, or other VNICs on that device.
You can name a VNIC almost anything you want, as long as you put a number at the end of it. For ease of comprehension, however, you may want to stick to the standard of vnicX
.
Sample usage is as follows:
dladm create-vnic -l net0 vnic1 ipadm create-ip vnic1 ipadm create-addr -T static -a local=1.2.3.9/24 vnic1/extraIP snoop -d vnic1
As mentioned, snoop
will pick up traffic related to 1.2.3.9
, and to broadcast traffic...