Could "ifconfig" be modified to report all network interfaces that
are assigned to a zone?

I assume you mean in the global zone; ifconfig -a inside a zone (global or not) does report all the network interfaces that are configured.

But that would be quite odd.

The reason is that ifconfig in the global is not involved in configuring IP for the exclusive-IP zones; that is done by ifconfig running inside the exclusive-IP zones. This is by design different than the IP configuration for the shared-IP zones; those are both configurable as well as observable using ifconfig in the global zone.

Furthermore, since the primary purpose of IP Instances is IP-level isolation (between different zones that are connected to different LANs or different VLANs), the design is to have no IP-level sharing. Having ifconfig "leak" information from non-global zones to the global zone might at least make it appear that some leakage is possible.

zones-discuss mailing list

Reply via email to