Tony Marshall wrote:

When the application servers and database servers start we are seeing a
large number of timeouts when the application tries to connect to the
localhost to check a service is up.

When a number of blackhole routes are removed these timeouts disappear.


Has anybody tried a
        ping -s localhost
in the various zones?

I'm trying to understand if there is a potential networking issue, or whether there is an issue with the system being to loaded in general.

The system works with just over 2000 routes but we have just provisioned
another 8 zones to this system which has increased the number of
blackhole routes to just over 3000 and the application servers and
database servers start getting timeouts.

So is there a maximum number of routes that can be defined in the global
zones routing table?


Is there another way of blocking zones from talking
to each other without having to use blackhole routes?

There will be in S10U4, when IP Filter can be used to filter packets between zones.

Have we reached
the maximum number of zones we can run on that system because of the
blackhole routes rather than using all of the capacity (CPU and Memory)
on the box?

Each blackhole route might use a few hundered *bytes* of memory, thus even thousands of them isn't a lot of memory these days.

