> An issue that came up during my testing and that needs resolution is how > to handle displaying information on the underlying topology of links > assigned to exclusive stack non-global zones. For example, if a VNIC, > VLAN, or aggregation is assigned to a non-global zone, the links that > would be listed in the "OVER" column belong to the global zone, and the > question is, should non-global zones have visibility at that level? For > example, should a zone be aware that its assigned VNIC is over bge1, a > link that doesn't even show up in show-link and that it otherwise has no > visibility into? > > I'd suggest that non-global zones should not be allowed to view such > topology information. If that's the case, then what does show-link > display in the "OVER" column for such links? It could leave the column > empty (a default string of "--"), or it could display something > indicative that the information is not accessible and otherwise unknown > (e.g. "?").
"?" is what we've used elsewhere to indicate that the answer is unknown. Given that a vnic/vlan/aggregation is always over something, that seems the right thing to display if that vnic/vlan/aggregation is not visible to the zone. I'd strongly discourage "--" since that's at best misleading. > Along the same lines, it would mean that while show-link from an > exclusive stack non-global zone would display a list of links assigned > to that zone, show-aggr, show-vnic, show-vlan would be off limits and > show nothing. I'm confused why e.g. show-vnic would show nothing. Shouldn't it show the vnics assigned to the zone? -- meem
