Re: [zones-discuss] networking
-Original Message- From: steffen.weibe...@sun.com [mailto:steffen.weibe...@sun.com] Sent: Wednesday, February 17, 2010 12:02 PM To: zones-discuss@opensolaris.org Cc: Dombrowski, Neil Subject: Re: [zones-discuss] networking On 02/16/10 17:17, Christine Tran wrote: On Tue, Feb 16, 2010 at 4:59 PM, Dombrowski, Neil neil.dombrow...@hp.com wrote: For an example, let's say zone1 has a default route using gateway 172.16.1.1 and zone2 has a default router using gateway 192.168.0.1. If I am logged into the global zone, and it needs to send a packet to 10.10.10.10, will it use one of the non-global-zone's default route? It will round-robin between the two gateways IF it has interfaces local to that network. That is, you need something like this: assume 24-bit mask, e1000g0 172.16.1.10 and e1000g1 192.168.0.10 (the 10 is just an example.) If you only have one interface local to one gateway, it will use that gateway. What I'm guessing is that you have your zones plumbed on a virtual interface, but nothing plumbed on the actual interface, from the global zone's perspective. In your ifconfig -a output, when you've removed all the entries for zones, do you actually have an interface that can reach a router? CT ___ zones-discuss mailing list zones-discuss@opensolaris.org To elaborate a little, if your global zone has an IP address on net0, and the other zones have IP address(es) on net1, net2, and net3, the only default route(s) the global will use are those related to net0. If a zone also has an IP address on net0, and it is on a different subnet than that/those used by the global zone, the global will still only use those related to it, not those added for the non-global zone. I had tested this a while back and had a discussion with an engineer around that. The result was that while I generally suggest the non-global zones use different IP subnet(s) and different interfaces than the global zone, the minimum requirement is that the zones use different IP subnet(s), and default routing will be fine. I believe in your case each zone will only use it's default route. You can verify this easily with the 'route get 10.10.10.10' command. It will list which interface is being used. Whether it is wise to have 172.16.1.0/24 and 192.168.0.0/24 on the same interface is a separate question. There is not enough information to make a guess at how your system is actually configured, and whether all the zones are sharing a single interface. Its also not clear which build or update of OpenSolaris or Solaris is being used. My recent testing was with Solaris 10 10/09 and a recent Nevada build (IIRC). The above should apply to any update with at least with 'defrouter' zone configuration option (8/07 I believe). Steffen Thanks to everyone's responses; I'm learning quite a bit here! My next question (which I think may have been partially answered already); it's obvious now that the global zone inherits the ngzones (non-global zones) routing information; is that a two-way street? If zone1 has a default route using 10.10.10.1 as it's gateway, and in the global zone I use a different router on the same network (10.10.10.5) as my default gateway, will that affect/interrupt zone1's routing table? I'll be experimenting a bit with this on my opensolaris box; hopefully it will match what solaris will do on our sparc servers. Neil ___ zones-discuss mailing list zones-discuss@opensolaris.org
[zones-discuss] networking
I'm new to zones, and this appears to be a conundrum for me: I have a global zone that shows multiple default routes (on different interfaces). It also shows a third separate interface (clprivnet0) with an IP that's not in anyone's documentation(actually there are two physical servers set up the same way). My guess is that these two servers were to be clustered at one point, but this was aborted before I came onboard. Regardless, the global zone's routing table looks busy, is it because it's showing the routes for the zones? If so, is it possible to have the global zone routing differently than the local zones? Thanks, Neil ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] networking
-Original Message- From: sowmini.varad...@sun.com [mailto:sowmini.varad...@sun.com] Sent: Tuesday, February 16, 2010 1:16 PM To: Dombrowski, Neil Cc: zones-discuss@opensolaris.org Subject: Re: [zones-discuss] networking On (02/16/10 19:03), Dombrowski, Neil wrote: I'm new to zones, and this appears to be a conundrum for me: I have a global zone that shows multiple default routes (on different interfaces). It also shows a third separate interface (clprivnet0) with an IP that's not in anyone's documentation(actually there are two physical servers set up the same way). My guess is that these two servers were to be clustered at one point, but this was aborted before I came onboard. Regardless, the global zone's routing table looks busy, is it because it's showing the routes for the zones? If so, is it possible to have the global zone routing differently than the local zones? hard to answer, without more data on what the subnets for the various zones are, and what the desired routing is. The global zone's netstat may show routes that are only accessible from a non-global zone, so the fact that the routing table is busy does not say anything without more information about the subnet configuration. --Sowmini For an example, let's say zone1 has a default route using gateway 172.16.1.1 and zone2 has a default router using gateway 192.168.0.1. If I am logged into the global zone, and it needs to send a packet to 10.10.10.10, will it use one of the non-global-zone's default route? Looking at /etc/defaultrouter for the global zone, it shows the gateway IPs for the two non-global zones, and also 10.10.10.1 . when I try to traceroute to 10.10.10.10 it never shows a single hop (as if it's not going to any gateway). So, why am I not getting to 10.10.10.10? And if I removed the other default routes in the global zone, will I be damaging the routing for the local zones? If I add a static route in the global zone will that be propagated to the non-local zones(I wouldn't want that)? If there's a good doc out there that explains this, I'd appreciate a pointer to it, or whatever advice you have for me. Thanks, Neil ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] networking
There is a /usr/cluster/bin/scstat command, which on each server shows only itself (the two servers don't seem to have any info here on the other server). I also see a bunch of /usr/cluster/lib/something processes running on each box. I'm making inquiries as to whether the cluster has ever worked, but so far it sounds like it was tabled for higher priority projects, and never gotten back to. Neil -Original Message- From: zones-discuss-boun...@opensolaris.org [mailto:zones-discuss-boun...@opensolaris.org] On Behalf Of Enda O'Connor Sent: Tuesday, February 16, 2010 4:20 PM To: zones-discuss@opensolaris.org Subject: Re: [zones-discuss] networking Hi Are you sure cluster is disabled, what does /usr/cluster/bin/status show? Enda On 16/02/2010 21:59, Dombrowski, Neil wrote: -Original Message- From: sowmini.varad...@sun.com [mailto:sowmini.varad...@sun.com] Sent: Tuesday, February 16, 2010 1:16 PM To: Dombrowski, Neil Cc: zones-discuss@opensolaris.org Subject: Re: [zones-discuss] networking On (02/16/10 19:03), Dombrowski, Neil wrote: I'm new to zones, and this appears to be a conundrum for me: I have a global zone that shows multiple default routes (on different interfaces). It also shows a third separate interface (clprivnet0) with an IP that's not in anyone's documentation(actually there are two physical servers set up the same way). My guess is that these two servers were to be clustered at one point, but this was aborted before I came onboard. Regardless, the global zone's routing table looks busy, is it because it's showing the routes for the zones? If so, is it possible to have the global zone routing differently than the local zones? hard to answer, without more data on what the subnets for the various zones are, and what the desired routing is. The global zone's netstat may show routes that are only accessible from a non-global zone, so the fact that the routing table is busy does not say anything without more information about the subnet configuration. --Sowmini For an example, let's say zone1 has a default route using gateway 172.16.1.1 and zone2 has a default router using gateway 192.168.0.1. If I am logged into the global zone, and it needs to send a packet to 10.10.10.10, will it use one of the non-global-zone's default route? Looking at /etc/defaultrouter for the global zone, it shows the gateway IPs for the two non-global zones, and also 10.10.10.1 . when I try to traceroute to 10.10.10.10 it never shows a single hop (as if it's not going to any gateway). So, why am I not getting to 10.10.10.10? And if I removed the other default routes in the global zone, will I be damaging the routing for the local zones? If I add a static route in the global zone will that be propagated to the non-local zones(I wouldn't want that)? If there's a good doc out there that explains this, I'd appreciate a pointer to it, or whatever advice you have for me. Thanks, Neil ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
