Date: Wed, 23 Oct 2002 19:25:15 +0200 From: Marko Zec <zec@tel.fer.hr> To: Bill Coutinho <bill.coutinho@dextra.com.br> Cc: freebsd-arch@freebsd.org, freebsd-net@freebsd.org Subject: Re: BSD network stack virtualization + IEEE 802.1Q Message-ID: <3DB6DB7B.F1184FC@tel.fer.hr> References: <NEBBKGFCALOCPEPBDDBCKENFDIAA.bill.coutinho@dextra.com.br>
next in thread | previous in thread | raw e-mail | index | archive | help
Bill Coutinho wrote:
> Sean Chittenden, in FreeBSD-Arch list, pointed me to your "BSD network stack
> virtualization" site.
>
> What I'm trying to achieve is one box with many independent "virtual
> servers" (using the Jail subsystem), but with each vistual server attached
> to a different VLAN using the same physical NIC. This NIC should be
> connected to a switch with the 802.1Q protocol.
>
> My question is: is it possible to associate a "virtual stack" to a VLAN
> number in a 802.1Q enabled net interface, and combine it with the Jail
> subsystem "struct jail"?
Yes, you can do that with the virtualized network stack very easily, but without
using jail(8). Here is a sample step-by-step example, which I hope accomplishes
what you want:
First, we have to create two new virtual images. Here we also set the hostnames
for the new vimages, which is of course not the mandatory step, but makes things
more comprehensible:
tpx30# vimage -c my_virtual_node1
tpx30# vimage -c my_virtual_node2
tpx30# vimage my_virtual_node1 hostname node1
tpx30# vimage my_virtual_node2 hostname node2
We the create two vlan interfaces, and associate them with the physical ifc and
vlan tags:
tpx30# ifconfig vlan create
vlan0
tpx30# ifconfig vlan create
vlan1
tpx30# ifconfig vlan0 vlan 1001 vlandev fxp0
tpx30# ifconfig vlan1 vlan 1002 vlandev fxp0
tpx30# ifconfig
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.201.130 netmask 0xffffff00 broadcast 192.168.201.255
ether 00:09:6b:e0:d5:fc
media: Ethernet autoselect (10baseT/UTP)
status: active
vlan0: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:09:6b:e0:d5:fc
vlan: 1001 parent interface: fxp0
vlan1: flags=8842<BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
ether 00:09:6b:e0:d5:fc
vlan: 1002 parent interface: fxp0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
tpx30#
Further, we move (reassign) the vlan interfaces to the appropriate virtual
images. The vlan ifcs will disappear from the current (master) virtual image:
tpx30# vimage -i my_virtual_node1 vlan0
tpx30# vimage -i my_virtual_node2 vlan1
tpx30# ifconfig
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 192.168.201.130 netmask 0xffffff00 broadcast 192.168.201.255
ether 00:09:6b:e0:d5:fc
media: Ethernet autoselect (10baseT/UTP)
status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet 127.0.0.1 netmask 0xff000000
tpx30#
Now we spawn a new interactive shell in one of the created virtual images. We
can now manage the interfaces in the usual way, start new processes/daemons,
configure ipfw...
tpx30# vimage my_virtual_node1
Switched to vimage my_virtual_node1
node1# ifconfig vlan0 1.2.3.4
node1# ifconfig
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 1.2.3.4 netmask 0xff000000 broadcast 1.255.255.255
ether 00:09:6b:e0:d5:fc
vlan: 1001 parent interface: fxp0@master
lo0: flags=8008<LOOPBACK,MULTICAST> mtu 16384
node1# inetd
node1# exit
Note that you won`t be able to change the vlan tag and/or parent interface
inside the virtual image where vlan interface resides, but only in the virtual
image that contains the physical interface (that was the "master" vimage in this
example).
Finally, here is the summary output from vimage -l command issued in the master
virtual image:
tpx30# vimage -l
"master":
37 processes, load averages: 0.00, 0.02, 0.00
CPU usage: 0.26% (0.26% user, 0.00% nice, 0.00% system)
Nice level: 0, no CPU limit, no process limit, child limit: 15
2 network interfaces, 2 child vimages
"my_virtual_node2":
0 processes, load averages: 0.00, 0.00, 0.00
CPU usage: 0.00% (0.00% user, 0.00% nice, 0.00% system)
Nice level: 0, no CPU limit, no process limit
2 network interfaces, parent vimage: "master"
"my_virtual_node1":
1 processes, load averages: 0.00, 0.00, 0.00
CPU usage: 0.24% (0.20% user, 0.00% nice, 0.04% system)
Nice level: 0, no CPU limit, no process limit
2 network interfaces, parent vimage: "master"
Hope this helps,
Marko
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DB6DB7B.F1184FC>