I know you can do vlanning without using a vnic, my personal preferences goes to vnics for a few reason. Mostly because they have there own mac address. And to simplify my interface manangement.
Bellow you'll find some quick and dirty examples.
dladm create-vnic -l aggr0 host0 ipadm create-if host0
The above example will create a vnic named host0 on a link aggregation called aggr0, ofcourse you can create vnics on normal interfaces or even on etherstubs.
You can drop the ipadm command if you are planning on using the vnic in a zone or for kvm.
dladm create-vnic -l trunk0 -v 300 vm0 ipadm create-if vm0
Same as above but this time we are using a trunk0 in my case this is an aggr that contains tagged traffic for VLAN 100,200 and 300. By adding the
-v option followed by the vlan-tag all the traffic will be tagged before it is send along to the trunk.
Some quick references to show all vnics and how to remove them.
Showing the configure vnics:
Removing a vnic:
dladm delete-vnic vm0
Configure additional MACs:
you need to add all macs of zones if you are running smartos in qemu for example
dladm set-linkprop -p secondary-macs=42:8e:a5:23:0e:5b vm0
Check the current configuration:
dladm show-linkprop -p protection,allowed-ips vnic0
Disable link protection:
dladm reset-linkprop -p protection vnic0
Enable anti MAC-spoofing:
dladm set-linkprop -p protection=mac-nospoof vnic0
Enable anti IP-spoofing:
dladm set-linkprop -p protection=ip-nospoof vnic0 dladm set-linkprop -p allowed-ips=172.16.30.75,172.16.20.75 vnic0
Enable anti Client ID/DUID-spoofing:
dladm set-linkprop -p protection=dhcp-nospoof vnic0