Steffen Weiberle wrote:
On 08/18/09 13:58, Robert Hartzell wrote:
I have a host that's on two subnets:
    10.0.0.0/24 (all external facing services through a firewall)
    192.168.0.0/24 (internal LAN)
I wish to move my external services into zones (dns, smtp, webstack) but am having problems which I believe are caused by routing issues. In the global zone 2 NICs are assigned the addresses 10.0.0.2 & 192.168.0.100. So I create a vnic on the 10.0.0.0/24 subnet and then a zone; only one problem: no route out of the subnet.


Shared or Exclusive IP Instance? I imagine exclusive, since you created a VNIC, although one does not require the other.

In this instance it's an exclusive IP instance but I have tried with a shared instance also, which produced the same results.


> I believe this would be fixed by enabling ipv4-routing & ipv4-forwarding so I try:

Forwarding is only required if you want to move IP datagrams through the system, in one data link, out another.

Thanks for that info.


# routeadm -e ipv4-routing
Pattern 'route:default' doesn't match any instances

I believe that would be fixed by "pkg install SUNWroute", which of course I can't do because there is no route out...

I guess that has routing daemon(s) in it?

Path out is different than routing. Can you set a default route (this will depend on shared vs. exclusive IP


The default route on my internal network is 192.168.0.100 but this is unreachable from inside the zone. I can set /etc/defaultrouter to 10.0.0.2 and then I'm able to ping on both subnets but not the internet.


Any thoughts on how I can fix this or if I'm even on the right track?


I don't know enough about your setup to figure it out.



--
 Robert W Hartzell
bear at rwhartzell.net
  RwHartzell.Net
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org