Hi all,
I'm pleased to read I'm not the sole victim of what I'm calling
"the solaris zone route bug".
Please take a look below to my comment.
Le 10 nov. 08 à 17:51, Tommy McNeely a écrit :
> On Nov 10, 2008, at 7:09 AM, Paul Kraus wrote:
>
>> On Sun, Nov 9, 2008 at 10:34 PM, Tommy McNeely
>> <[EMAIL PROTECTED]> wrote:
>>
> ... hence my "shared-ip is the only thing available (feasible)"
> comment :)
>
>>
>> If this has changed, or is being worked on in OpenSolaris, I
>> would *love* to hear about it.
>
> Network interface virtualization!
>
> http://opensolaris.org/os/project/crossbow/
>
> I think some of the deep dark kernel stuff is integrated to
> OpenSolaris (and thus Solaris Express), but not everything yet?
Crossbow will be the solution. Sure ! But when ? And on which version
of Solaris ?
For now Exclusive-IP is a sort of workaround. Not a real one !
See why :
- IPFilter rules are visible from the zone. With Shared-IP, they not.
- If you need an IPMP configuration, you need to setup 2 physicals
interfaces (or 801.1Q switch) and 3 IP-address per zone
- Exclusive-IP are not available on all physical interfaces on S10
(I have an old qfe on my desk I'd love to use !)
- When you just try to use default mechanisms (I mean shared-IP,
default route defined on global zone), you're never sure of where you
IP packets will be sent (thru which default router ?)
To be short, Exclusive-IP is a great enhancement to S10, but we'll
need at least two other stuff before crossbow :
1) Exclusive-IP for ANY NIC
2) A clever routing mechanism to associate different routing tables on
different zones.
My .02 euro-cents.
Nico
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org
