> I have a dns server running on my global zone (admin_low), but my > local (tx / non-cipso) zones can not do a nslookup, or even ping > the global. I did not expect the ping to work, but what about a > dns lookup to an admin_low host? Is this a tnzonecfg redirect? or > am I missing something?
The resolver in a zone doesn't contact the DNS-server itself: it makes a door-call to nscd in the global zone, which does the lookup on its behalf -- so there is no need for network connectivity between the labeled zone and the DNS-server (wherever it's running). Bart
