Steffen Weiberle wrote:
Jeff Victor wrote:
Steffen Weiberle wrote:

Zones does not support providing a shared interface (via logical interfaces such as bge0:2) to a zone.

...because that would violate the security model.

A 'typo' on my end. I meant to say zone does not provide DHCP support on a shared interface using logical interfaces.

I don't think this violates the security model, since the global zone could be doing the DHCP client work on behalf of the non-global zone.

I only meant that two zones cannot share a network interface, e.g. "bge0" (not including its logical interfaces), "bge0:0", etc). They can share a physical interface, but not a logical, or... what *is* bge0 called if you're excluding its logical interfaces?

IOW, if two zones were allowed to share bge0:0, *that* would break the security model.

Searching again (my first one did not find it), shows that CR 5005887 was integrated into build 57. But it does not work. zonecfg allowed me to set the address of an interface to 'dhcp'. But zoneadm did not like that.

It seems that someone decided that IP Instances satisfied this need completely. We may need a new CR: "a shared-ip zone should be able to be a DHCP client."

While we're here, with VNICs, will we be able to do:

set ip-type=exclusive
add net
set physical=vnic0

and then specify dhcp in sysidcfg, the way we can with exclusive-ip?

If not, we should add a CR for that, too.


5005887: RFE: zoneadmd should support plumbing an interface via DHCP

Jeff VICTOR              Sun Microsystems            jeff.victor @
OS Ambassador            Sr. Technical Specialist
Solaris 10 Zones FAQ:
zones-discuss mailing list

Reply via email to