How to Enable ILB
Before You Begin
Make sure that the system's role-based access control (RBAC) attribute files have the following entries. If the entries are not present, add them manually.
File name: /etc/security/auth_attr
solaris.network.ilb.config:::Network ILB Configuration::help=NetworkILBconf.html
solaris.network.ilb.enable:::Network ILB Enable Configuration::help=NetworkILBenable.html
solaris.smf.manage.ilb:::Manage Integrated Load Balancer Service States::help=SmfILBStates.html
File name: /etc/security/prof_attr
Network ILB:::Manage ILB configuration via ilbadm:auths=solaris.network.ilb.config,solaris.network.ilb.enable;help=RtNetILB.html
Network Management entry in the file must include solaris.smf.manage.ilb.
File name: /etc/user_attr
You must set up user authorization for ILB configuration subcommands. You must have the solaris.network.ilb.config RBAC authorization to execute the ILB configuration subcommands listed in ILB Command and Subcommands.
To assign the authorization to an existing user, see Chapter 9, Using Role-Based Access Control (Tasks), in Oracle Solaris 11.1 Administration: Security Services.
You can also provide the authorization when creating a new user account on the system.
The following example creates a user ilbadm with group ID 10, user ID 1210 and with the authorization to administer ILB in the system.
# useradd -g 10 -u 1210 -A solaris.network.ilb.config ilbadmin
The useradd command adds a new user to the /etc/passwd, /etc/shadow, and /etc/user_attr files. The -A option assigns the authorization to the user.
Assume a role that includes the ILB Management rights profile, or become superuser.
You can assign the ILB Management rights profile to a role that you create. To create the role and assign the role to a user, see Initially Configuring RBAC (Task Map) in Oracle Solaris 11.1 Administration: Security Services.
Enable the appropriate forwarding service either IPv4 or IPv6 or both of them.
This command produces no output when successful.
# ipadm set-prop -p forwarding=on ipv4
# ipadm set-prop -p forwarding=on ipv6
Enable the ILB service.
# svcadm enable ilb
Verify that the ILB service is enabled.
# svcs ilb