the steps below even allow the NGZ to never have to fall back to ifconfig: - on the first boot (and only on the first reboot), ipmgmtd will create the interface persistently, so that those properties and interface itself can be accessed through ipadm. I'm also proposing that the addresses will be created temporarily. - interfaces with allowed_ips constraints from the GZ will be marked IFF_L3PROTECT (new, read-only flag) and persistent addresses may not be created on these (ipadm will return EPERM, and print the appropriate error message, something like "Cannot create persistent addresses on interfaces managed by the global zone"). The IFF_L3PROTECT will be listed in ifconfig output, as well as by a "Z" flag in show-if output. - In subsequent boots, any interface that has persistent information in ipadm.conf and IP address information from the GZ will be reconstructed using /sbin/ipadm enable-if. - the administrator can do a delete-if of the l3protect-ed interfaces at any time to stop /lib/svc/method/net-physical from recreating these on reboot.
In this case, how does NGZ admin recover the deleted interface and the 'from_gz' addresses configured on that deleted interface. Using, 'ipadm enable-if' wouldn't work as the semantics of enable-if is to restore the configuration by reading the persistent store and evidently we have erased the persistent store in this case. Will there be a new sub-command then?
~GmG _______________________________________________ opensolaris-arc mailing list [email protected]
