Since this issue seems to involve several different components, I'm posting
here in sysadmin. If someone thinks I'd have better luck elsewhere, please let
me know.

I'm running a multi-zone OpenSolaris 2009.06 configuration on a Sun X2200. I'm
using a non-global zone ("router01") to provide NATed access from my internal
192.168.1.0/24 network to my 172.16.0.104/29 outside network. The router zone
is using vnics for its network interfaces.

Everything runs fine for a while, with "a while" being anything from a couple
hours to more than a week, then hosts on the internal network lose connection
to the outside world. What's strange is that some traffic still gets out and
back in. DNS lookups for example. Although I cannot use a browser to pull up
opensolaris.org, I can still use dig to look up DNS information for it... and
no, before you ask, I'm not running any form of DNS server on my networks.

Once things break the only fix I've found is to reboot the whole system.
Reboots of just the router zone do not fix the problem. I've also tried
flushing the nat rules, flushing the nat tables, and reloading the nat rules
with no change in behavior.

A few details, if they are any help:

router zone's ipnat.conf contents:

map vnic0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
map vnic0 192.168.1.0/24 -> 0/32

router zone's ipfilter rule sets are empty

router zone is configured for ipv4 forwarding with a default route of
172.16.0.110 (which is where the firewall/router/gateway for my DSL lives)

Are there giant "Don't use zones, ipnat, ipv4 forwarding, /etc/defaultrouter
and crossbow together" warnings out there that I've missed? Anyone have any
ideas for things I can check? Anyone have any pointers for diagnostics I should
run the next time this happens?

Any help will be greatly appreciated.

-Eric
--
This message posted from opensolaris.org