[crossbow-discuss] dedicated vnic IP zone not recieving unicast traffic

Jonathan Wheeler Mon, 12 Jan 2009 07:27:04 PST

Hi Folks,

I have a snv_105 sxce host that I just can't get to work as expected with 
crossbow + zones.
My test host persephone, is a virtual machine running under VMware ESXi 3.5, 
with 2 virtual network cards (e1000), all on the same flat network/subnet.
It started life just 2 days ago with a clean install of snv_95, and I LUed to 
105 yesterday.


To rule out any sharing issue, the first nic (e1000g0) is used only for the 
global zone.
The second nic is used only by crossbow, for the vnic "zonevnic0", which is 
bound to e1000g1.
sparse-template is the zone that I've been trying to get to work using a 
dedicated IP instance using the vnic zonevnic0.

Using snoop in the zone, (or in the global zone, with "-d zonevnic0") I can see 
broadcast/unicast traffic going out, but only broadcast & ARP replies are 
coming back in again?!
So my arp is full and working as expected, I don't get any ping replies and 
needless to say other hosts can't talk to the zone.
I just can't seem to get any unicast to return to the non-global zone.

I left sparse-template pinging my desktop, and with snoop running on my desktop 
I can see both the ICMP request and the ICMP reply that I'm sending back again, 
it just never makes it. (I also confirmed that TCP syns come through too)

I'm stumped, what could be the issue? I haven't done any firewalling or custom 
flows/queues or anything fancy at all!

Zone Config:
zonename: sparse-template
zonepath: /zones/sparse-template
brand: native
autoboot: true
bootargs: 
pool: 
limitpriv: 
scheduling-class: 
ip-type: exclusive
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
net:
        address not specified
        physical: zonevnic0
        defrouter not specified

Vnic config:
# dladm show-phys
LINK         MEDIA                STATE      SPEED  DUPLEX    DEVICE
e1000g0      Ethernet             up         1000   full      e1000g0
e1000g1      Ethernet             up         1000   full      e1000g1
# dladm show-link
LINK        CLASS    MTU    STATE    OVER
e1000g0     phys     1500   up       --
e1000g1     phys     1500   up       --
zonevnic0   vnic     1500   up       e1000g1
# dladm show-vnic
LINK         OVER         SPEED  MACADDRESS           MACADDRTYPE         VID
zonevnic0    e1000g1      1000   2:8:20:e1:ac:39      random              0

Ifconfig:
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 
index 1
        inet 127.0.0.1 netmask ff000000 
e1000g0: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 
index 2
        inet 192.168.1.60 netmask ffffff00 broadcast 192.168.1.255
        ether 0:c:29:60:4e:c2 
e1000g1: flags=201000842<BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 3
        inet 0.0.0.0 netmask ff000000 
        ether 0:50:56:ac:51:6 
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 
index 1
        inet6 ::1/128 
e1000g0: flags=202004841<UP,RUNNING,MULTICAST,DHCP,IPv6,CoS> mtu 1500 index 2
        inet6 fe80::20c:29ff:fe60:4ec2/10 
        ether 0:c:29:60:4e:c2

ifconfig from the zone itself via zlogin -C :/
bash-3.2# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 
index 1
        inet 127.0.0.1 netmask ff000000 
zonevnic0: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 
index 2
        inet 192.168.1.61 netmask ffffff00 broadcast 192.168.1.255
        ether 2:8:20:e1:ac:39 
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 
index 1
        inet6 ::1/128 
zonevnic0: flags=202004841<UP,RUNNING,MULTICAST,DHCP,IPv6,CoS> mtu 1500 index 2
        inet6 fe80::8:20ff:fee1:ac39/10 
        ether 2:8:20:e1:ac:39

bash-3.2# arp -an
Net to Media Table: IPv4
Device   IP Address               Mask      Flags      Phys Addr
------ -------------------- --------------- -------- ---------------
zonevnic0 192.168.1.72         255.255.255.255 o        00:14:5e:45:b9:60
zonevnic0 192.168.1.68         255.255.255.255 o        00:14:5e:45:b9:60
zonevnic0 192.168.1.61         255.255.255.255 SPLA     02:08:20:e1:ac:39
zonevnic0 192.168.1.133        255.255.255.255 o        00:15:f2:1d:48:c2
zonevnic0 224.0.0.0            240.0.0.0       SM       01:00:5e:00:00:00

bash-3.2# snoop -r
Using device zonevnic0 (promiscuous mode)
192.168.1.133 -> (broadcast)  ARP C Who is 192.168.1.133, 192.168.1.133 ?
192.168.1.68 -> 224.0.1.1    NTP  broadcast [st=3] (2009-01-13 04:21:45.35306)
192.168.1.68 -> 192.168.1.254 ARP R 192.168.1.68, 192.168.1.68 is 
0:14:5e:45:b9:60
192.168.1.68 -> (broadcast)  ARP C Who is 192.168.1.68, 192.168.1.68 ?
fe80::214:5eff:fe45:b960 -> ff02::1:2    DHCPv6 Solicit xid=6a3a7 IAs=1
fe80::8:20ff:fee1:ac39 -> ff02::1:2    DHCPv6 Solicit xid=58244d IAs=1
192.168.1.68 -> 192.168.1.254 ARP R 192.168.1.68, 192.168.1.68 is 
0:14:5e:45:b9:60
192.168.1.60 -> (broadcast)  ARP C Who is 192.168.1.60, 192.168.1.60 ?
192.168.1.133 -> 192.168.1.254 ARP R 192.168.1.133, 192.168.1.133 is 
0:15:f2:1d:48:c2
192.168.1.254 -> (broadcast)  ARP C Who is 192.168.1.72, 192.168.1.72 ?
192.168.1.72 -> 192.168.1.254 ARP R 192.168.1.72, 192.168.1.72 is 
0:14:5e:45:b9:60

I've stayed up until 4:30am pulling hair. What am I doing wrong?
- Jonathan
-- 
This message posted from opensolaris.org

[crossbow-discuss] dedicated vnic IP zone not recieving unicast traffic

Reply via email to