The reason is that ifconfig in the global is not involved in configuring IP
for the exclusive-IP zones; that is done by ifconfig running inside the
This is by design different than the IP configuration for the shared-IP
zones; those are both configurable as well as observable using ifconfig in
the global zone.
Furthermore, since the primary purpose of IP Instances is IP-level isolation
(between different zones that are connected to different LANs or different
VLANs), the design is to have no IP-level sharing. Having ifconfig "leak"
information from non-global zones to the global zone might at least make it
appear that some leakage is possible.
Yes, that's one of the reasons I suggested having dladm(1M) be the
place to display this information since it's where links are
administered in general, even the ones that will be handed off to
zones-discuss mailing list