On Thu, Jul 23, 2009 at 7:32 PM, Jordan Vaughan<[email protected]> wrote: > Hello zones community members, > > I'm one of the engineers working on Solaris 10 Containers (S10Cs) for > OpenSolaris (http://www.opensolaris.org/os/project/s10brand). I'm currently > evaluating networking requirements for S10Cs. Our ultimate goal is to > achieve networking feature parity with native Solaris 10 zones: we will want > S10Cs to do everything that native Solaris 10 zones can do. > > I would appreciate any input you can provide regarding what you (or your > customers) currently do with your native Solaris 10 zones (both exclusive- > and shared-stack zones), especially the commands (arp, snoop, traceroute, > etc.), protocols, and other features/services (SMA, Solstice, IPMP, NAT, IP > Filter, DHCP client/server, IP tunnels, PPP, IPsec, etc.) that you use most > frequently. Your input will help us prioritize networking features and set > realistic expectations for our product.
I'll assume that everything that works in a S10 non-global zone with a shared stack will continue to work in a Solaris 10 container. That is, pretty much anything that doesn't need raw access just works. In order to attract Solaris 10 non-global zones to being S10Cs, the S10C needs to be able to leverage the capabilities of crossbow to get a dedicated IP stack. I don't care if I can us dladm to configure vnics in an S10C or not. I would need some way to tune IP, TCP, UDP, etc. parameters. Ideally this would be via nddconfig[1]. 1.http://src.opensolaris.org/source/xref/sst/gate/src/Files/etc/init.d/nddconfig In order to attract Solaris 10 global zones to being S10Cs, a more somewhat complete feature set is need. A key barrier I would expect to see to application installations is the need for ndd -get and ndd -set to work as they do in Solaris 10 because is part of some applications' pre-installation checks. If Clearview IPMP is not able to provide an IPMP'd interface to the zone that can be independently tuned (e.g. ndd -set /dev/tcp ...) , then IPMP needs to be supported within the S10C. In all cases I need to be able to access tagged VLANs. I don't care much as to whether this happens by creating vnic's in the global zone or some other method. -- Mike Gerdts http://mgerdts.blogspot.com/ _______________________________________________ zones-discuss mailing list [email protected]
