All vmadm nics are created as VNICs prior to boot. Since you are trying to assign igb1's MAC address to the zone's VNIC it should fail to create. I'm actually surprised you are able to start the zone at all. Instead you should see failure messages similar to the following.
# vmadm start 6b4cba1d-7f80-e01e-9acc-8499037b4737 Unable to start VM 6b4cba1d-7f80-e01e-9acc-8499037b4737: first of 1 error: Command failed: zone '6b4cba1d-7f80-e01e-9acc-8499037b4737': error creating VNIC net1 (global NIC igb1) zone '6b4cba1d-7f80-e01e-9acc-8499037b4737': msg: dladm: vnic creation over igb1 failed: MAC address reserved for use by underlying data-link zone '6b4cba1d-7f80-e01e-9acc-8499037b4737': Failed cmd: dladm create-vnic -t -l igb1 -p mtu=1500,zone=6b4cba1d-7f80-e01e-9acc-8499037b4737 -m 18:66:da:a4:13:57 tmp192100 zone '6b4cba1d-7f80-e01e-9acc-8499037b4737': destroying snapshot: No such zone configured zoneadm: zone '6b4cba1d-7f80-e01e-9acc-8499037b4737': call to zoneadmd failed -rpz On Tue, May 29, 2018 at 10:56 AM, Gareth Howell <[email protected]> wrote: > My home server has two physical NICs but I've only been using one so far. > I now want to use the second to create a DMZ from the router rather than > having external traffic NAT'd into the server. > I already have an Ubuntu KVM that runs a reverse proxy but initially only > had the primary NIC included in its configuration. > I am trying to convince the KVM it now has two NICs but not having a great > deal of success. > dladm show-phys gives > > LINK MEDIA STATE SPEED DUPLEX DEVICE > > igb0 Ethernet up 1000 full igb0 > > igb1 Ethernet up 1000 full igb1 > > ixgbe0 Ethernet down 0 unknown ixgbe0 > > ixgbe1 Ethernet down 0 unknown ixgbe1 > dladm show-phys -m gives > > LINK SLOT ADDRESS INUSE CLIENT > > igb0 primary c:c4:7a:75:8c:2e yes igb0 > > igb1 primary c:c4:7a:75:8c:2f yes igb1 > > ixgbe0 primary c:c4:7a:75:90:16 yes ixgbe0 > > ixgbe1 primary c:c4:7a:75:90:17 yes ixgbe1 > > /usbkey/config contains > > # > > # This file was auto-generated and must be source-able by bash. > > # > > > # admin_nic is the nic admin_ip will be connected to for headnode zones. > > admin_nic=c:c4:7a:75:8c:2e > > admin_ip=172.29.12.15 > > admin_netmask=255.255.255.0 > > admin_network=172.29.12.0 > > admin_gateway=172.29.12.15 > > > #external_nic is the second physical nic on the server > > dmz_nic=c:c4:7a:75:8c:2f > > #external0_ip=172.29.13.15 > > #external0_netmask=255.255.255.0 > > #external0_gateway=172.29.13.1 > > > headnode_default_gateway=172.29.12.1 > > > dns_resolvers=172.29.12.7,8.8.4.4 > > dns_domain=agdon.net > > > ntp_hosts=0.smartos.pool.ntp.org > > compute_node_ntp_hosts=172.29.12.15 > > > root_authorized_keys_file=authorized_keys > > default_keymap=uk > > dladm show-vnic gives > > LINK OVER SPEED MACADDRESS MACADDRTYPE VID ZONE > > eth0 igb0 0 62:71:db:d:c4:cd fixed 0 > 32423f75-d86f-c531-bcb6-b67d92275d6c > > eth0 igb0 0 e2:e6:84:4e:22:3f fixed 0 > 2db2eea0-f833-4a89-890a-8edcc7c8f685 > > eth0 igb0 0 32:b7:42:80:e7:ba fixed 0 > ff8b3ad2-e7e2-e056-c01b-ac8dad184937 > > eth0 igb0 0 72:cb:65:db:a5:53 fixed 0 > 147f4eca-1783-4b80-d7e4-9a1d4420567a > > eth0 igb0 0 c2:e2:c8:b2:1f:6e fixed 0 > 2a9bfaf4-ddf1-e146-ab80-e2f8723ec714 > > eth0 igb0 0 22:10:4c:6c:ec:5d fixed 0 > 0246b0fe-771c-60ba-cbe6-92ea5795117b > > net0 igb0 0 12:2f:ff:af:37:69 fixed 0 > d9ad31fd-f4cf-4791-b322-44f4a0e98f62 > > net0 igb0 0 22:58:2c:53:ae:9f fixed 0 > 4bc5b510-2d5d-e47e-c3bc-d492dfeae320 > > (Note: no mention of any vnic over igb1) > and vmadm get <vm> | json nics gives > > [ > > { > > "interface": "net0", > > "mac": "22:58:2c:53:ae:9f", > > "nic_tag": "admin", > > "gateway": "172.29.12.1", > > "gateways": [ > > "172.29.12.1" > > ], > > "netmask": "255.255.255.0", > > "ip": "172.29.12.9", > > "ips": [ > > "172.29.12.9/24" > > ], > > "model": "virtio", > > "primary": true > > }, > > { > > "interface": "net1", > > "mac": "0c:c4:7a:75:8c:2f", > > "nic_tag": "dmz", > > "gateway": "172.29.13.1", > > "gateways": [ > > "172.29.13.1" > > ], > > "netmask": "255.255.255.0", > > "ip": "172.29.13.9", > > "ips": [ > > "172.29.13.9/24" > > ], > > "model": "virtio" > > } > > ] > > In the KVM > /etc/networking/interfaces has > > # This file describes the network interfaces available on your system > > # and how to activate them. For more information, see interfaces(5). > > > source /etc/network/interfaces.d/* > > > # The loopback network interface > > auto lo > > iface lo inet loopback > > > # The primary network interface > > auto ens3 > > iface ens3 inet dhcp > > > iface ens4 inet static > > address 172.29.13.9/24 > > gateway 172.29.13.1 > > Despite all this, the KVM denies any knowledge of the second NIC. > > Any ideas? > > Regards > > Gareth > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> | Modify > <https://www.listbox.com/member/?> Your Subscription > <http://www.listbox.com> > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125 Powered by Listbox: http://www.listbox.com
