On Fri, Jan 23, 2009 at 4:27 AM, Jon Anderson <jon.ander...@sun.com> wrote:
> Do you have more details on your zone configuration? If you are
> using exclusive stack zones then this is expected.
Hmm, I thought the exact opposite. zones of type exclusive-ip type,
plumbed on different interfaces, will drive their traffic out one IF
and into the other. I believe Steffen Weiberle did some test to
measure the delay as opposed to using the internal loopback mechanism.
Unless ip_restrict_interzone_loopback is 0 (the default is 1 on OS).
You can have zones of type exclusive-ip plumbed on different
interfaces but not cabled up if this parameter is set to 0.
This is what I gleaned from reading what little there is about this
param. Otherwise ... how could you ever have traffic going from
zone1:e1000g1 to zone2:e1000g2 without a cable?
Anyhow, this may be a JASS problem because JASS will enable ipfilter
on the global zone but JASS's mod to ipf.conf does not pass lo0
traffic. And yet, ... my understanding is that the internal loopback
"mechanism" does not really involve lo0. By the time we got it sorted
out last night we were all out of gas, so we didn't get to the bottom
If you can describe exactly how I can get traffic from zone1:e1000g1
to zone2:e1000g2 without cabling up the interfaces, that would solve
zones-discuss mailing list