Comments on: Shared-IP and Exclusive-IP in Non-Global Solaris Zones http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/ Tips and tricks on DTrace, ZFS, Zones and Solaris administration Sun, 08 Jan 2012 03:14:24 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Amit Patel http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-1651 Amit Patel Fri, 08 Apr 2011 22:10:12 +0000 http://solaris.reys.net/?p=317#comment-1651 Hi can you use ifs in a non global zone by configuring vfstab to connect to a nfs share. For our oracle install we have two zones configured for ifs access to nas. Hi can you use ifs in a non global zone by configuring vfstab to connect to a nfs share. For our oracle install we have two zones configured for ifs access to nas.

]]> By: Herve VELASCO http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-1602 Herve VELASCO Wed, 24 Mar 2010 14:36:32 +0000 http://solaris.reys.net/?p=317#comment-1602 Hello, I have a severe issue on Solaris Zone with IP exclusive. Any help would be greatly appeciate. I let you see my configuration: # zoneadm list -cv ----------- ID NAME STATUS PATH BRAND IP 0 global running / native shared 1 server01 running /zones/server01 native excl 2 server03 running /zones/server02 native excl 3 server02 running /zones/server03 native excl 4 server04 running /zones/server04 native excl # zonecfg -z server01 export ----------- create -b set zonepath=/zones/server01 set autoboot=true set ip-type=exclusive add net set physical=bge1 end add device set match=/dev/bge0 end #cat /zones/server01/root/etc/rcS.d/S01network.exclusive ----------- #!/sbin/sh case "$1" in 'start') /usr/sbin/ifconfig bge0 plumb up # LAN ASTRIUM /usr/sbin/ifconfig bge0:1 plumb up # LAN ASTRIUM /usr/sbin/ifconfig bge0:1 inet XXX.XXX.XXX.34/23 /usr/sbin/ifconfig bge1 plumb up # LAN PRIVE /usr/sbin/ifconfig bge1:1 plumb up /usr/sbin/ifconfig bge1:2 plumb up /usr/sbin/ifconfig bge1:3 plumb up /usr/sbin/ifconfig bge1:4 plumb up /usr/sbin/ifconfig bge1:5 plumb up /usr/sbin/ifconfig bge1:6 plumb up /usr/sbin/ifconfig bge1:7 plumb up /usr/sbin/ifconfig bge1:8 plumb up /usr/sbin/ifconfig bge1:9 plumb up /usr/sbin/ifconfig bge1:10 plumb up /usr/sbin/ifconfig bge1:1 inet YYY.YYY.YYY.106/24 /usr/sbin/ifconfig bge1:2 inet YYY.YYY.YYY.107/24 /usr/sbin/ifconfig bge1:3 inet YYY.YYY.YYY.108/24 /usr/sbin/ifconfig bge1:4 inet YYY.YYY.YYY.109/24 /usr/sbin/ifconfig bge1:5 inet YYY.YYY.YYY.110/24 ;; *) echo "Usage: $0 { start }" exit 1 ;; esac exit 0 ---------------------------------------- Each zone and global zone shares bge0 and are on the same subnet Each secondary zone has exclusive control on secondary interface for private network. There isn't any problem to communicate with computers on the LAN (outside global zone) but it's impossible to communicate (TCP/UDP/ICMP) beetween the zone. traceroute don't find the way: # traceroute server01 traceroute: Warning: Multiple interfaces found; using XXX.XXX.XXX.117 @ bge0 traceroute to server01 (XXX.XXX.XXX.34), 30 hops max, 40 byte packets 1 * server-master1 (XXX.XXX.XXX.117) 1068.500 ms !H * 2 * 3 * etc.... Hello,
I have a severe issue on Solaris Zone with IP exclusive.
Any help would be greatly appeciate.

I let you see my configuration:
# zoneadm list -cv
———–
ID NAME STATUS PATH BRAND IP
0 global running / native shared
1 server01 running /zones/server01 native excl
2 server03 running /zones/server02 native excl
3 server02 running /zones/server03 native excl
4 server04 running /zones/server04 native excl

# zonecfg -z server01 export
———–
create -b
set zonepath=/zones/server01
set autoboot=true
set ip-type=exclusive
add net
set physical=bge1
end
add device
set match=/dev/bge0
end

#cat /zones/server01/root/etc/rcS.d/S01network.exclusive
———–
#!/sbin/sh
case “$1″ in
‘start’)
/usr/sbin/ifconfig bge0 plumb up # LAN ASTRIUM
/usr/sbin/ifconfig bge0:1 plumb up # LAN ASTRIUM
/usr/sbin/ifconfig bge0:1 inet XXX.XXX.XXX.34/23

/usr/sbin/ifconfig bge1 plumb up # LAN PRIVE
/usr/sbin/ifconfig bge1:1 plumb up
/usr/sbin/ifconfig bge1:2 plumb up
/usr/sbin/ifconfig bge1:3 plumb up
/usr/sbin/ifconfig bge1:4 plumb up
/usr/sbin/ifconfig bge1:5 plumb up
/usr/sbin/ifconfig bge1:6 plumb up
/usr/sbin/ifconfig bge1:7 plumb up
/usr/sbin/ifconfig bge1:8 plumb up
/usr/sbin/ifconfig bge1:9 plumb up
/usr/sbin/ifconfig bge1:10 plumb up
/usr/sbin/ifconfig bge1:1 inet YYY.YYY.YYY.106/24
/usr/sbin/ifconfig bge1:2 inet YYY.YYY.YYY.107/24
/usr/sbin/ifconfig bge1:3 inet YYY.YYY.YYY.108/24
/usr/sbin/ifconfig bge1:4 inet YYY.YYY.YYY.109/24
/usr/sbin/ifconfig bge1:5 inet YYY.YYY.YYY.110/24

;;
*)
echo “Usage: $0 { start }”
exit 1
;;
esac
exit 0
—————————————-

Each zone and global zone shares bge0 and are on the same subnet
Each secondary zone has exclusive control on secondary interface for private network.

There isn’t any problem to communicate with computers on the LAN (outside global zone) but it’s impossible to communicate (TCP/UDP/ICMP) beetween the zone.

traceroute don’t find the way:
# traceroute server01
traceroute: Warning: Multiple interfaces found; using XXX.XXX.XXX.117 @ bge0
traceroute to server01 (XXX.XXX.XXX.34), 30 hops max, 40 byte packets
1 * server-master1 (XXX.XXX.XXX.117) 1068.500 ms !H *
2 *
3 *
etc….

]]> By: Koko Hernowo http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-1523 Koko Hernowo Fri, 28 Aug 2009 05:43:23 +0000 http://solaris.reys.net/?p=317#comment-1523 "zoneadm: zone 'zone1': WARNING: unable to hold network interface 'eri1'.: Invalid argument" i've got this error when i'm booting the zone (zone1) My box is SF V120, i'm not plumbing the eri1 on the global zone. What's wrong? “zoneadm: zone ‘zone1′: WARNING: unable to hold network interface ‘eri1′.: Invalid argument”
i’ve got this error when i’m booting the zone (zone1)
My box is SF V120, i’m not plumbing the eri1 on the global zone.
What’s wrong?

]]> By: Changing hostname in Solaris | Solaris Blog http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-563 Changing hostname in Solaris | Solaris Blog Wed, 20 May 2009 14:26:08 +0000 http://solaris.reys.net/?p=317#comment-563 [...] IP address configuration in Solaris zones [...] [...] IP address configuration in Solaris zones [...]

]]> By: Gleb Reys http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-366 Gleb Reys Thu, 14 May 2009 10:04:53 +0000 http://solaris.reys.net/?p=317#comment-366 bbr, thanks for asking! Last time I checked, native NFS server functionality was global zone only. I think exclusive-ip provides direct access to networking stack, but not Solaris kernel. Here's the NFS related FAQ entry for zones: http://opensolaris.org/os/community/zones/faq/#svc_nfs bbr, thanks for asking!

Last time I checked, native NFS server functionality was global zone only. I think exclusive-ip provides direct access to networking stack, but not Solaris kernel.

Here’s the NFS related FAQ entry for zones:

http://opensolaris.org/os/community/zones/faq/#svc_nfs

]]> By: Gleb Reys http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-365 Gleb Reys Thu, 14 May 2009 09:57:10 +0000 http://solaris.reys.net/?p=317#comment-365 Prashanth, you have to manage IP address from within the exclusive-ip zone. Prashanth, you have to manage IP address from within the exclusive-ip zone.

]]> By: bbr http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-360 bbr Thu, 14 May 2009 08:03:15 +0000 http://solaris.reys.net/?p=317#comment-360 does it means you can serve NFS request within a zone with exclusive IP? aka run NFS server inside a zone? bbr does it means you can serve NFS request within a zone with exclusive IP? aka run NFS server inside a zone?

bbr

]]> By: Prashanth http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-332 Prashanth Wed, 13 May 2009 15:47:44 +0000 http://solaris.reys.net/?p=317#comment-332 I have one NIC in my server.I need to have IPSec setup for the local zone and hence have to create this zone in exclusive mode. If I do so, can the global zone be still assigned a IP on this NIC I have one NIC in my server.I need to have IPSec setup for the local zone and hence have to create this zone in exclusive mode. If I do so, can the global zone be still assigned a IP on this NIC

]]> By: Gleb Reys http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-325 Gleb Reys Wed, 13 May 2009 06:19:05 +0000 http://solaris.reys.net/?p=317#comment-325 Indeed, Eric! It's always possible manage the zone via local console (zlogin -C) though. Indeed, Eric!

It’s always possible manage the zone via local console (zlogin -C) though.

]]> By: Eric http://solaris.reys.net/shared-ip-and-exclusive-ip-in-solaris-zones/comment-page-1/#comment-312 Eric Tue, 12 May 2009 23:15:18 +0000 http://solaris.reys.net/?p=317#comment-312 It would be useful if ip-type was set per interface instead of globally per zone. Then you could use one shared network for management in addition to the exclusive interface(s). It would be useful if ip-type was set per interface instead of globally per zone. Then you could use one shared network for management in addition to the exclusive interface(s).

]]>