Re: [zones-discuss] Somewhat unusual exclusive-IP type configuration needed
Steffen Weiberle wrote: On 10/20/08 10:58, Joe Barbey wrote: Hi all, I've got a situation that doesn't seem to be really covered in the various docs I've read up to now. I have a number of servers where I want to do something like the following, if possible. Any help would be greatly appreciated. I would like to host a number of zones on a server, let's say an m4000, but I want those zones to be on a different subnet than the global. So far, no problem: use exclusive-IP. However, currently I don't have enough NICs to give one each to all zones. One thought I had was a sort of mix of shared-IP and exclusive-IP. Give a couple of different zones the same NIC in exclusive-IP mode. I haven't tried it, but I'm fairly certain this won't work, as each zone will try to control the NIC itself. http://blogs.sun.com/stw/entry/using_ip_instances_with_vlans This is with Solaris 10 8/07, to take advantage of IP Instanced delivered in that update. Steffen I'm responding to Steffen, but it really applies to you all. Thanks! Using VLANs worked perfectly. We ended up buying some quad gig NICs, but still had one or two zones that were without connection. As they were QA or expected to be low bandwidth servers, I used VLANs an had them share a connection with the global. A quick re-config on the switch port, and all was well. Thanks again for the suggestions! -- Joe Barbey IS Network Support Senior office: (715) 425-4357 Davee Library room 166C cell: (715) 821-0008 UW - River Falls ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Somewhat unusual exclusive-IP type configuration needed
On 10/20/08 10:58, Joe Barbey wrote: Hi all, I've got a situation that doesn't seem to be really covered in the various docs I've read up to now. I have a number of servers where I want to do something like the following, if possible. Any help would be greatly appreciated. I would like to host a number of zones on a server, let's say an m4000, but I want those zones to be on a different subnet than the global. So far, no problem: use exclusive-IP. However, currently I don't have enough NICs to give one each to all zones. One thought I had was a sort of mix of shared-IP and exclusive-IP. Give a couple of different zones the same NIC in exclusive-IP mode. I haven't tried it, but I'm fairly certain this won't work, as each zone will try to control the NIC itself. http://blogs.sun.com/stw/entry/using_ip_instances_with_vlans This is with Solaris 10 8/07, to take advantage of IP Instanced delivered in that update. Steffen My major concern is to get the global zone on one subnet, while the non-globals will be at least one other subnet, possibly others. Using shared-IP, I know we had routing issues. I can't remember if it was on the global side or the local, but I know there were issues. Perhaps this has been fixed in more recent releases? We are currently running Solaris 10 08/2007. At this point there wouldn't really be time to move up to the latest release, though we use UCE to patch the global up to date before we start building zones. Thanks for your help! ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Somewhat unusual exclusive-IP type configuration needed
Joe Barbey writes: I would like to host a number of zones on a server, let's say an m4000, but I want those zones to be on a different subnet than the global. So far, no problem: use exclusive-IP. However, currently I don't have enough NICs to give one each to all zones. Use VLANs. It'll work if you give each exclusive IP instance a separate VLAN on an interface (or a small group of interfaces). One thought I had was a sort of mix of shared-IP and exclusive-IP. Give a couple of different zones the same NIC in exclusive-IP mode. I haven't tried it, but I'm fairly certain this won't work, as each zone will try to control the NIC itself. No, that won't work. We discussed it during the development of the IP Instances (exclusive stack) feature, but the project team considered it to be too complex at least for the initial version. Exclusive is just that: exclusive of all other zones on the system. My major concern is to get the global zone on one subnet, while the non-globals will be at least one other subnet, possibly others. Using shared-IP, I know we had routing issues. I can't remember if it was on the global side or the local, but I know there were issues. Perhaps this has been fixed in more recent releases? As long as you have distinct destinations for the traffic, that can be made to work with shared stack instances, but you're right that it's always been a bit problematic. It wasn't the design center for the original Kevlar/Zones project: all zones were expected to go on a common set of subnets. -- James Carlson, Solaris Networking [EMAIL PROTECTED] Sun Microsystems / 35 Network Drive71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Somewhat unusual exclusive-IP type configuration needed
Le 20 oct. 08 à 16:58, Joe Barbey a écrit : I've got a situation that doesn't seem to be really covered in the various docs I've read up to now. I have a number of servers where I want to do something like the following, if possible. Any help would be greatly appreciated. It's not so unusual. But it's not correctly covered. My major concern is to get the global zone on one subnet, while the non-globals will be at least one other subnet, possibly others. Using shared-IP, I know we had routing issues. I can't remember if it was on the global side or the local, but I know there were issues. Perhaps this has been fixed in more recent releases? The only answer today is exclusive-IP. As James suggest, you may use VLANs if you switch is able to let you send tagged packet to it. I didn't experience the new default route option in zone configuration...anyway it's only beginning with u5 and you're using u4. Anyway, if you have multiple subnet used for you local zone, the best bet is is to use VLAN-tagging. Default routers and circular use of them in the global zone become quickly a nightmare. Nicolas ___ zones-discuss mailing list zones-discuss@opensolaris.org
