Hi Mike, Can you share why you want the NGZ to know about the GZ?
The reason I ask is that we are already doing zones but we will be scaling up the effort quite tremendously and I want to get my bases covered. I currently use our network operations centre software to track which zone is which but the zone owners do not really know which hardware they are in. I personally have not seen any issues whether the zone owners are in the know so I will let the zone owners know if they ask -- but so far, no one ever did. -- Just me, Wire ... On 11/26/06, Mike Gerdts <[EMAIL PROTECTED]> wrote:
On 11/24/06, Jeff Victor <[EMAIL PROTECTED]> wrote: > prakash wrote: > > How to get global zone information from non-global zone, > > any coomand or any file to get the information ? > > Part of the design of the security boundary around a zone is preventing an NGZ > from getting information about its GZ. While this may be true, some information does "leak" into the non-global zone, primarily through network-related information. For example, if you know the hostname or IP address of various global zones (refer to your site's naming standard) you can use "route get". If the MTU matches that of loopback interfaces, the non-global zone is likely on the same machine. $ route get gz282 route to: gz282 destination: gz282 mask: 255.255.255.255 interface: e1000g0 flags: <UP,DONE> recvpipe sendpipe ssthresh rtt,ms rttvar,ms hopcount mtu expire 0 0 0 0 0 0 8232 0 Another way is to refer to the ARP table. This will also give you a pretty good hint of other zones on the same machine: non-global-zone$ arp -a | grep `uname -n` e1000g40000 non-global-zone 255.255.255.255 SP 00:14:4f:0e:ef:ae This command will likely display ARP entries that pertain to every zone that shares that physical interface. non-global-zone$ arp -a | grep 00:14:4f:0e:ef:ae Increment or decrement the MAC by a few and you may discover zones that are using other physical interfaces on the same machine. > However, as the GZ administrator you can place information about the GZ into a > file in the NGZ's file system. You can also automate this so that it happens > periodically. To simplify things, part of my standard zone build process creates a file called /etc/hardwarename. I specifically don't say "gzname" or similar because the same file is intended to be useful with domains (refer to the frame/system controller name), LDOM's, etc. Mike -- Mike Gerdts http://mgerdts.blogspot.com/ _______________________________________________ zones-discuss mailing list email@example.com
_______________________________________________ zones-discuss mailing list firstname.lastname@example.org