Re: [zones-discuss] zonecfg and dhcp for shared interface?
Erik Nordmark writes: > James Carlson wrote: > > > Getting the DHCP data into a form where Linux can use it inside the > > zone might be a challenge, but it's worth some thought. > > I think it would also require emulation/translation of some additional > Linux ioctls; I don't think the ioctl to *set* the IP address and > netmask are handled by the brandZ/lx brand. I think we're talking about very different things here. I was talking about providing a way to get the configuration data from DHCP -- DNS addresses and the like -- into the zone. In other words, delivering a version of /sbin/dhcpinfo that works right in this case. I believe we already deliver some special Solaris-related tools to BrandZ, so one more shouldn't be too much. Given that we're talking about a shared-stack zone (BrandZ doesn't work with exclusive-stack, does it?), getting the IP address and netmask into the zone is useless. /sbin/dhcpinfo can give you that data, but even if you have it, there's not much that you can do with it. You can't configure interfaces; that must occur outside the zone, by way of zoneadmd. Getting exclusive-stack to work should (I think) mean running Linux's DHCP client implementation inside the non-global zone, shouldn't it? Doing that means making PF_PACKET work there -- or whatever hack they're using instead of DLPI. ;-} -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Erik Nordmark wrote: James Carlson wrote: Getting the DHCP data into a form where Linux can use it inside the zone might be a challenge, but it's worth some thought. I think it would also require emulation/translation of some additional Linux ioctls; I don't think the ioctl to *set* the IP address and netmask are handled by the brandZ/lx brand. I had been informed of the same regarding brandZ and IP Instances. Steffen Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
James Carlson wrote: Getting the DHCP data into a form where Linux can use it inside the zone might be a challenge, but it's worth some thought. I think it would also require emulation/translation of some additional Linux ioctls; I don't think the ioctl to *set* the IP address and netmask are handled by the brandZ/lx brand. Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Martin Man writes: > > VNIC? I think we were discussing the use of DHCP with regular > > shared-stack zones and ordinary logical interfaces. > > I'm lost in Sun's "always-have-at-least-three-names-for-the-same-thing" > madness, fortunately it didn't confuse you :-)) ;-} > I understand physical interface bge0 and I know logical interface > bge0:1. forget the rest please..., somehow I was thinking about VNIC > being the Virtual NIC, e.g., logical interface... OK; then it sounds like we're talking about the same thing. (VNICs are a Crossbow concept. They're layer 2 devices, rather than being layer 3 entities like the much older IP logical interfaces. If you like, you can think of IP logical interfaces as being "address aliases" found on other operating systems. They're just represented as distinct IP objects with their own flags on Solaris.) > > I think the proposal would be to make the DHCP-learned information > > available within the non-global zone, not to go modify the zone's > > files from the global zone. > > > > One way to do this would be to make the /etc/dhcp/$IF.dhc file visible > > in the zone, and write the raw DHCPACK there. There are probably > > better ways of doing this, such as making dhcpagent's internal control > > socket (used by dhcpinfo) available in the zone. > > as long as it will work with BrandZ I basically don't care... Got it; that's an important consideration. Getting the DHCP data into a form where Linux can use it inside the zone might be a challenge, but it's worth some thought. -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
James Carlson wrote: > Martin Man writes: >> Well, if I understand this correctly, zoneadmd does plumb and will >> eventually do dhcp config of the VNIC. > > VNIC? I think we were discussing the use of DHCP with regular > shared-stack zones and ordinary logical interfaces. I'm lost in Sun's "always-have-at-least-three-names-for-the-same-thing" madness, fortunately it didn't confuse you :-)) I understand physical interface bge0 and I know logical interface bge0:1. forget the rest please..., somehow I was thinking about VNIC being the Virtual NIC, e.g., logical interface... > I think the proposal would be to make the DHCP-learned information > available within the non-global zone, not to go modify the zone's > files from the global zone. > > One way to do this would be to make the /etc/dhcp/$IF.dhc file visible > in the zone, and write the raw DHCPACK there. There are probably > better ways of doing this, such as making dhcpagent's internal control > socket (used by dhcpinfo) available in the zone. as long as it will work with BrandZ I basically don't care... thanx, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Martin Man writes: > [EMAIL PROTECTED] wrote: > > > > A question for those who would like this - what other sorts of DHCP > > information would one want to use in this case? The DNS domain name? > > Time server information? > > Well, if I understand this correctly, zoneadmd does plumb and will > eventually do dhcp config of the VNIC. VNIC? I think we were discussing the use of DHCP with regular shared-stack zones and ordinary logical interfaces. > Zone itself has no way to control the VNIC so I don't know how > additional information obtained via DHCP can be passed to the zone > without going straight to its filesystem and playing there with > /etc/resolv.conf and similar files. It would IMHO be nasty and > non-portable (think of non-sparse zone running Nexenta or branded zone > running some flavor of Linux, which is precisely what I'm doing now). I think the proposal would be to make the DHCP-learned information available within the non-global zone, not to go modify the zone's files from the global zone. One way to do this would be to make the /etc/dhcp/$IF.dhc file visible in the zone, and write the raw DHCPACK there. There are probably better ways of doing this, such as making dhcpagent's internal control socket (used by dhcpinfo) available in the zone. > To recap, address, netmask and gateway should be enough for now... Address and netmask are no problem at all; that'll work today. Gateway is more problematic. Dhcpagent intentionally does not install any routes based on anything acquired for logical interfaces. As the man page says: As with physical IPv4 interfaces, the /etc/hostname.hme0:1 and /etc/dhcp.hme0:1 files must also be created in order for hme0:1 to be automatically plumbed and configured at boot. In addition, unlike physical IPv4 interfaces, dhcpagent does not add or remove default routes associated with logical interfaces. There are several reasons for this. First, routes on Solaris do not (and cannot) point at logical interfaces. Instead, they point at physical interfaces -- the actual output path. Secondly, the non-zones usage would likely result in a large number of duplicates. This can probably be revisited (to allow for DHCP-acquired addresses that happen to be on different subnets), but it's potentially tricky. -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
[EMAIL PROTECTED] wrote: > > A question for those who would like this - what other sorts of DHCP > information would one want to use in this case? The DNS domain name? > Time server information? Well, if I understand this correctly, zoneadmd does plumb and will eventually do dhcp config of the VNIC. Zone itself has no way to control the VNIC so I don't know how additional information obtained via DHCP can be passed to the zone without going straight to its filesystem and playing there with /etc/resolv.conf and similar files. It would IMHO be nasty and non-portable (think of non-sparse zone running Nexenta or branded zone running some flavor of Linux, which is precisely what I'm doing now). To recap, address, netmask and gateway should be enough for now... > dsc HTH, Martin -- http://martinman.net ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
# zonecfg -z zone1 zone1: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:zone1> create zonecfg:zone1> set zonepath=/localzones/zone1 zonecfg:zone1> add net zonecfg:zone1:net> set physical=e1000g0 zonecfg:zone1:net> set address=dhcp zonecfg:zone1:net> end zonecfg:zone1> verify zonecfg:zone1> exit # zoneadm -z zone1 install could not verify net address=dhcp physical=e1000g0 Neither an IPv4 nor an IPv6 address nor a host name zoneadm: zone zone1 failed to verify zoneadm(1M) has no notion of the "dhcp" keyword. What you've done above is request a shared stack zone be created with an IPv4 address of the *hostname* called "dhcp". If you don't have such a name in your "hosts" map, then you'll see the above error. The resolution of 5005887 RFE: zoneadmd should support plumbing an interface via DHCP in snv_57 was for exclusive stack zones only. There had been talk of providing a similar capability for shared stack zones at one point but I don't know the current status of that. The fix that James mentioned for 6386331 dhcpagent should implement RFC 4361 client identifier should help in this respect but it isn't sufficient by itself. Both zoneadmd(1M) and dhcpagent(1M) require further changes in order to provide shared stack zones a dynamic address capability. A question for those who would like this - what other sorts of DHCP information would one want to use in this case? The DNS domain name? Time server information? dsc ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Martin Man wrote: Steffen Weiberle wrote: Hi Martin, looking at your question again... What are the requirements? Do non-global zones need to get their address via DHCP? yes, not necessarily from the non-global zone, the address can be assigned and renewed periodically from the global zone, local zone will get the interface as is. Do non-global zones need to share a single interface? yes, I don't have more physical interfaces to give to the non-global zones Does the global zone need to control or limit routing and other network setups? could be, although not a strict requirement Anything else? the goal is to provide simple enough setup to just give a non-global zone virtual interface and network works out of the box, e.g., dhcp takes care of it, without playing with manually configuring IP. kind of: zonecfg> add net; set physical=bge0; set address=dhcp; end Once the crossbow VNIC bits ship you'd be able to do this, but the detailed zonecfg syntax might be different (and presumably sysidtool in the zone will determine whether static IP or DHCP is used). Before then you can use Nevada (and the next S10 update) with exclusive-IP zones if the network uses VLANs. E.g., bge1000 is assigned to zoneA, bge2000 is assigned to zoneB. Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle writes: > > The part that's missing is allowing DHCP to be configured in zonecfg > > The zonecfg part works. OK. > > and correctly handled by zoneadmd. I don't see how zoneadm itself > > could be at all involved. > > zoneadm's verification fails. Ah, ok -- it's probably zonecfg_valid_net_address. > who does the work to 'ifconfig > addif' on behalf of a non-global zone when the IP address is set? zoneadmd does this. > Is that not zoneadm*? It can't be the zone itself, since it does > not have the privileges. Right. The zoneadm utility uses a door call to ask the daemon to do the startup/shutdown work. > > I see. I think that just pushes the issue elsewhere, as you have to > > deal with (potentially) very large numbers of MAC addresses. > > Is the concern about DHCP handling that? No. > With hardware rings and > soft MAC, the number of MAC addresses is going to get large. And > it may be necessary to be able to fully utilize 10GbE interfaces and > still offer virtualization, flow management, etc. The concern is that for VNICs (as best I understand), you need a separate MAC address for each instance. That's a potential administrative burden if you have hundreds or thousands of these things. The new DHCP logical interface support doesn't suffer from that problem. It's able to create unique identifiers without administrative intervention. So, yes, I think you could potentially solve that same problem of having multiple zones on one physical interface using VNICs, and there are probably some advantages to doing so, but one detraction would be having to manage the MAC addresses. Doing the same thing by using DHCP's support for logical interfaces would avoid that particular problem. -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
James Carlson wrote: Steffen Weiberle writes: Looking at 5005887 some more "Note that with the putback of PSARC/2004/522 into s10_63, the dhcpagent now supports configuration of logical interfaces, which would seem to meet the modification proposed in the description." That's a pretty old note. The 2004/522 support for logical interfaces And now I notice it is s10_63, not snv_63 :) required the user to come up with client IDs for each logical interface. That would make it somewhat hard to use with Zones. The code that I added for CR 6386331 upgrades that existing logical interface support so that you don't have to forge up your own client IDs manually. That makes it ideal for use with Zones. So it seems zoneadm (and maybe zoneadmd) still require some additional work. The related CRs did not point in such a direction. The part that's missing is allowing DHCP to be configured in zonecfg The zonecfg part works. and correctly handled by zoneadmd. I don't see how zoneadm itself could be at all involved. zoneadm's verification fails. who does the work to 'ifconfig addif' on behalf of a non-global zone when the IP address is set? Is that not zoneadm*? It can't be the zone itself, since it does not have the privileges. # zonecfg -z zone1 zone1: No such zone configured Use 'create' to begin configuring a new zone. zonecfg:zone1> create zonecfg:zone1> set zonepath=/localzones/zone1 zonecfg:zone1> add net zonecfg:zone1:net> set physical=e1000g0 zonecfg:zone1:net> set address=dhcp zonecfg:zone1:net> end zonecfg:zone1> verify zonecfg:zone1> exit # zoneadm -z zone1 install could not verify net address=dhcp physical=e1000g0 Neither an IPv4 nor an IPv6 address nor a host name zoneadm: zone zone1 failed to verify # ifconfig e1000g0:1 plumb # ifconfig e1000g0:1 auto-dhcp You're looking at the result of CR 6386331 here. I don't see why that's a special case ... I think it is not, and does not require VNICs, just IP Instances. But VNICs allows that with one NIC. I see. I think that just pushes the issue elsewhere, as you have to deal with (potentially) very large numbers of MAC addresses. Is the concern about DHCP handling that? With hardware rings and soft MAC, the number of MAC addresses is going to get large. And it may be necessary to be able to fully utilize 10GbE interfaces and still offer virtualization, flow management, etc. Steffen ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle writes: > Looking at 5005887 some more > > "Note that with the putback of PSARC/2004/522 into s10_63, the > dhcpagent now supports configuration of logical interfaces, which > would seem to meet the modification proposed in the description." That's a pretty old note. The 2004/522 support for logical interfaces required the user to come up with client IDs for each logical interface. That would make it somewhat hard to use with Zones. The code that I added for CR 6386331 upgrades that existing logical interface support so that you don't have to forge up your own client IDs manually. That makes it ideal for use with Zones. > So it seems zoneadm (and maybe zoneadmd) still require some > additional work. The related CRs did not point in such a direction. The part that's missing is allowing DHCP to be configured in zonecfg and correctly handled by zoneadmd. I don't see how zoneadm itself could be at all involved. > # ifconfig e1000g0:1 plumb > # ifconfig e1000g0:1 auto-dhcp You're looking at the result of CR 6386331 here. > > I don't see why that's a special case ... > > > > I think it is not, and does not require VNICs, just IP Instances. > But VNICs allows that with one NIC. I see. I think that just pushes the issue elsewhere, as you have to deal with (potentially) very large numbers of MAC addresses. -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
James Carlson wrote: Jeff Victor writes: It seems that someone decided that IP Instances satisfied this need completely. We may need a new CR: "a shared-ip zone should be able to be a DHCP client." Indeed. That's what at least some of the customers asking for this feature wanted -- shared-IP stack, DHCP addressing for zones. As of the integration of CR 6386331 (also, coincidentally, in build 57), this ought to be fairly straightforward. Looking at 5005887 some more "Note that with the putback of PSARC/2004/522 into s10_63, the dhcpagent now supports configuration of logical interfaces, which would seem to meet the modification proposed in the description." So it seems zoneadm (and maybe zoneadmd) still require some additional work. The related CRs did not point in such a direction. # cat /etc/motd Sun Microsystems Inc. SunOS 5.11 snv_64 October 2007 # ifconfig e1000g0:1 plumb # ifconfig e1000g0:1 auto-dhcp # ifconfig e1000g0:1 e1000g0:1: flags=201004843 mtu 1500 index 2 inet 192.168.53.165 netmask ff00 broadcast 192.168.53.255 # While we're here, with VNICs, will we be able to do: set ip-type=exclusive add net set physical=vnic0 end and then specify dhcp in sysidcfg, the way we can with exclusive-ip? I don't see why that's a special case ... I think it is not, and does not require VNICs, just IP Instances. But VNICs allows that with one NIC. http://www.opensolaris.org/os/project/crossbow/faq/#ipinst_dhcpclient ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Jeff Victor writes: > It seems that someone decided that IP Instances satisfied this need > completely. We may need a new CR: "a shared-ip zone should be able to be a > DHCP client." Indeed. That's what at least some of the customers asking for this feature wanted -- shared-IP stack, DHCP addressing for zones. As of the integration of CR 6386331 (also, coincidentally, in build 57), this ought to be fairly straightforward. > While we're here, with VNICs, will we be able to do: > > set ip-type=exclusive > add net > set physical=vnic0 > end > > and then specify dhcp in sysidcfg, the way we can with exclusive-ip? I don't see why that's a special case ... -- James Carlson, Solaris Networking <[EMAIL PROTECTED]> Sun Microsystems / 1 Network Drive 71.232W Vox +1 781 442 2084 MS UBUR02-212 / Burlington MA 01803-2757 42.496N Fax +1 781 442 1677 ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle wrote: Jeff Victor wrote: Steffen Weiberle wrote: Zones does not support providing a shared interface (via logical interfaces such as bge0:2) to a zone. ...because that would violate the security model. A 'typo' on my end. I meant to say zone does not provide DHCP support on a shared interface using logical interfaces. I don't think this violates the security model, since the global zone could be doing the DHCP client work on behalf of the non-global zone. I only meant that two zones cannot share a network interface, e.g. "bge0" (not including its logical interfaces), "bge0:0", etc). They can share a physical interface, but not a logical, or... what *is* bge0 called if you're excluding its logical interfaces? IOW, if two zones were allowed to share bge0:0, *that* would break the security model. Searching again (my first one did not find it), shows that CR 5005887 was integrated into build 57. But it does not work. zonecfg allowed me to set the address of an interface to 'dhcp'. But zoneadm did not like that. It seems that someone decided that IP Instances satisfied this need completely. We may need a new CR: "a shared-ip zone should be able to be a DHCP client." While we're here, with VNICs, will we be able to do: set ip-type=exclusive add net set physical=vnic0 end and then specify dhcp in sysidcfg, the way we can with exclusive-ip? If not, we should add a CR for that, too. Steffen 5005887: RFE: zoneadmd should support plumbing an interface via DHCP -- -- Jeff VICTOR Sun Microsystemsjeff.victor @ sun.com OS AmbassadorSr. Technical Specialist Solaris 10 Zones FAQ:http://www.opensolaris.org/os/community/zones/faq -- ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Hi Martin, Martin Man wrote: Steffen Weiberle wrote: Hi Martin, looking at your question again... What are the requirements? Do non-global zones need to get their address via DHCP? yes, not necessarily from the non-global zone, the address can be assigned and renewed periodically from the global zone, local zone will get the interface as is. Do non-global zones need to share a single interface? yes, I don't have more physical interfaces to give to the non-global zones Does the global zone need to control or limit routing and other network setups? could be, although not a strict requirement Anything else? the goal is to provide simple enough setup to just give a non-global zone virtual interface and network works out of the box, e.g., dhcp takes care of it, without playing with manually configuring IP. kind of: zonecfg> add net; set physical=bge0; set address=dhcp; end All makes sense. And I tried the above and it works. Just zoneadm does not approve of it :) [yet]. Which is odd since CR 5005887 is integrated into 57. Steffen Thanks Steffen hope that explains it, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Jeff Victor wrote: Steffen Weiberle wrote: Martin Man wrote: Steffen Weiberle wrote: OK, great FAQ, but they assume the interface is exclusively accessed from a zone, my question was about the virtual interface, e.g., bge0 that is shared among multiple zones as bge0:1, bge0:2, etc..? The qeustion remains unanswered? How will crossbow and IP instances help me here? BTW I'm playing with Nevada latest build. Zones does not support providing a shared interface (via logical interfaces such as bge0:2) to a zone. ...because that would violate the security model. A 'typo' on my end. I meant to say zone does not provide DHCP support on a shared interface using logical interfaces. I don't think this violates the security model, since the global zone could be doing the DHCP client work on behalf of the non-global zone. Searching again (my first one did not find it), shows that CR 5005887 was integrated into build 57. But it does not work. zonecfg allowed me to set the address of an interface to 'dhcp'. But zoneadm did not like that. Steffen 5005887: RFE: zoneadmd should support plumbing an interface via DHCP ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle wrote: Hi Martin, looking at your question again... What are the requirements? Do non-global zones need to get their address via DHCP? yes, not necessarily from the non-global zone, the address can be assigned and renewed periodically from the global zone, local zone will get the interface as is. Do non-global zones need to share a single interface? yes, I don't have more physical interfaces to give to the non-global zones Does the global zone need to control or limit routing and other network setups? could be, although not a strict requirement Anything else? the goal is to provide simple enough setup to just give a non-global zone virtual interface and network works out of the box, e.g., dhcp takes care of it, without playing with manually configuring IP. kind of: zonecfg> add net; set physical=bge0; set address=dhcp; end Thanks Steffen hope that explains it, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Hi Martin, looking at your question again... Martin Man wrote: Steffen Weiberle wrote: Hi Martin, Martin Man wrote: Hi all, I'd like to use shared interface in my zone and configure it using dhcp when I invoke zoneadm -z boot. This is not possible without IP Instances. To do this with a single interface you will also need VNICs. IP Instances are Solaris Nevada already. VNICs won't arrive until later this year. http://www.opensolaris.org/os/project/crossbow/faq/ OK, great FAQ, but they assume the interface is exclusively accessed from a zone, my question was about the virtual interface, e.g., bge0 that is shared among multiple zones as bge0:1, bge0:2, etc..? The qeustion remains unanswered? How will crossbow and IP instances help me here? BTW I'm playing with Nevada latest build. What are the requirements? Do non-global zones need to get their address via DHCP? Do non-global zones need to share a single interface? Does the global zone need to control or limit routing and other network setups? Anything else? Thanks Steffen ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle wrote: Martin Man wrote: Steffen Weiberle wrote: OK, great FAQ, but they assume the interface is exclusively accessed from a zone, my question was about the virtual interface, e.g., bge0 that is shared among multiple zones as bge0:1, bge0:2, etc..? The qeustion remains unanswered? How will crossbow and IP instances help me here? BTW I'm playing with Nevada latest build. Zones does not support providing a shared interface (via logical interfaces such as bge0:2) to a zone. ...because that would violate the security model. -- -- Jeff VICTOR Sun Microsystemsjeff.victor @ sun.com OS AmbassadorSr. Technical Specialist Solaris 10 Zones FAQ:http://www.opensolaris.org/os/community/zones/faq -- ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Martin Man wrote: Steffen Weiberle wrote: Hi Martin, Martin Man wrote: Hi all, I'd like to use shared interface in my zone and configure it using dhcp when I invoke zoneadm -z boot. This is not possible without IP Instances. To do this with a single interface you will also need VNICs. IP Instances are Solaris Nevada already. VNICs won't arrive until later this year. http://www.opensolaris.org/os/project/crossbow/faq/ OK, great FAQ, but they assume the interface is exclusively accessed from a zone, my question was about the virtual interface, e.g., bge0 that is shared among multiple zones as bge0:1, bge0:2, etc..? The qeustion remains unanswered? How will crossbow and IP instances help me here? BTW I'm playing with Nevada latest build. Zones does not support providing a shared interface (via logical interfaces such as bge0:2) to a zone. Steffen Steffen thanx, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Steffen Weiberle wrote: Hi Martin, Martin Man wrote: Hi all, I'd like to use shared interface in my zone and configure it using dhcp when I invoke zoneadm -z boot. This is not possible without IP Instances. To do this with a single interface you will also need VNICs. IP Instances are Solaris Nevada already. VNICs won't arrive until later this year. http://www.opensolaris.org/os/project/crossbow/faq/ OK, great FAQ, but they assume the interface is exclusively accessed from a zone, my question was about the virtual interface, e.g., bge0 that is shared among multiple zones as bge0:1, bge0:2, etc..? The qeustion remains unanswered? How will crossbow and IP instances help me here? BTW I'm playing with Nevada latest build. Steffen thanx, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] zonecfg and dhcp for shared interface?
Hi Martin, Martin Man wrote: Hi all, I'd like to use shared interface in my zone and configure it using dhcp when I invoke zoneadm -z boot. What's the best strategy to do it? I haven't found anything related to dhcp in zonecfg manpage and searching b.o.o for zonecfg dhcp does not reveal anything. This is not possible without IP Instances. To do this with a single interface you will also need VNICs. IP Instances are Solaris Nevada already. VNICs won't arrive until later this year. http://www.opensolaris.org/os/project/crossbow/faq/ Steffen thanx, Martin ___ zones-discuss mailing list zones-discuss@opensolaris.org
