> Tribblix Networking

Tribblix inherits a functional and flexible networking subsystem from illumos.

The traditional ifconfig command will show a lot of detail on network interfaces. Its output, however, can be hard to read. To make things easier, there are several newer commands, such as dladm (for datalinks), ipadm (for IP), routeadm (for routing), and flowadm (for network flows).

Generally, the intention of Tribblix is that networking configuration should be handled automatically by tools such as zap rather than having to be performed manually by the administrator or user. For example, using zap to create and destroy zones will set up the appropriate networking for you. It's still useful to understand what's available behind the scenes, though.

By default, Tribblix networking uses nwam (NetWork Auto Magic) which will work out which network interface to use and run dhcp to get the configuration automatically. Most of the time, this will do the right thing.

dladm

The dladm command operates on datalinks - physical or virtual network objects. Its coverage is quite extensive, so only the most common cases are covered here.

To show the physical network interfaces, use:

  dladm show-phys

for example,

LINK         MEDIA                STATE      SPEED  DUPLEX    DEVICE
e1000g0      Ethernet             up         100    full      e1000g0

which shows that my system has a single e1000g0 network card, that's up at 100Mbps full-duplex.

To show all datalinks, use:

  dladm show-link

for example,

LINK        CLASS     MTU    STATE    BRIDGE     OVER
e1000g0     phys      1500   up       --         --
vnic1       vnic      1500   up       --         e1000g0
bhyve0      vnic      1500   up       --         e1000g0

which shows that, in addition to the e1000g0 physical interface, I have two vnic (virtual interfaces) called vnic1 and bhyve0, which are created atop the e1000g0 interface.

If you build zones using exclusive-ip (the -x flag to zap create-zone) then vnics will be created automatically as part of that process.

ipadm

While dladm manages network interfaces, ipadm manages the network addresses and properties on those interfaces.

To see which network interfaces ipadm knows about, use:

  ipadm show-if

for example,

IFNAME     CLASS     STATE    CURRENT      PERSISTENT
lo0        VIRTUAL   ok       -m-v------46 ---
e1000g0    IP        ok       bm--------46 ---

which shows that ipadm is handling two IP interfaces, lo0 which is the internal loopback device and the physical e1000g0 interface.

To see configured addresses, use:

  ipadm show-addr

for example,

ADDROBJ           TYPE     STATE        ADDR
lo0/v4            static   ok           127.0.0.1/8
lo0/?             static   ok           127.0.0.1/8
lo0/?             static   ok           127.0.0.1/8
e1000g0/_b        dhcp     ok           192.168.0.63/24
e1000g0/?         static   ok           192.168.0.217/24
e1000g0/?         static   ok           192.168.0.201/24
lo0/v6            static   ok           ::1/128
lo0/?             static   ok           ::1/128
lo0/?             static   ok           ::1/128
e1000g0/_a        addrconf ok           fe80::3617:ebff:fec4:1b42%e1000g0/10

As you can see, it's getting quite complicated. The ipadm command thinks in terms of address objects (the names in the ADDROBJ column) which are the name of the interface and a label.

It's not quite obvious from the above, but the entries with "?" as the label are associated with shared-ip networking in zones. Each zone has its own loopback network, and they always have the same address (127.0.0.1/8 for IPv4 or ::1/128 for IPv6) so those are duplicated.

routeadm

There are two parts to routeadm: IP forwarding is the passing of IP packets from one network to another; IP routing is the use of a routing protocol to determine routes.

Simply running the routeadm command will show the status of the routing system. For example:

              Configuration   Current              Current
                     Option   Configuration        System State
---------------------------------------------------------------
               IPv4 routing   enabled              enabled
               IPv6 routing   disabled             disabled
            IPv4 forwarding   disabled             disabled
            IPv6 forwarding   disabled             disabled

           Routing services   "route:default ripng:default"

Routing daemons:

                      STATE   FMRI
                   disabled   svc:/network/routing/ripng:default
                   disabled   svc:/network/routing/legacy-routing:ipv4
                   disabled   svc:/network/routing/legacy-routing:ipv6
                     online   svc:/network/routing/ndp:default
                   disabled   svc:/network/routing/rdisc:default
                     online   svc:/network/routing/route:default

One thing to note here is that there are a number of associated SMF services. Generally, it's better to use routeadm to set things up and let it turn the services it needs on and off rather than manipulating the SMF services directly.

flowadm

In illumos, it's possible to implement resource controls on a lot of things, including network utilization. This is all managed and monitored using the flowadm command.

This is an advanced topic that won't be covered in detail here. The basic command to see if there are any flows configured is:

    flowadm show-flow

If nothing is returned, then no flows are configured.

If you wish to associate a flow with a zone, for example to limit its bandwidth utilization, then the -F flag to zap create-zone will automatically create a flow with the given properties and associate it with the new zone.

If all you want to do is monitor network usage of a zone, then the dlstat will do that for you, with no need to create a flow.

Index | Previous Section | Next Section