My normal procedure is to image-update, reboot, check that everything is working then update each zone. This has always worked because the zones would still be running. All my external services are running in zones (dns, smtp, http, ftp) so when I reboot I have no dns and therefore can't update the zones. Not much I can do about the single point of failure so is there a way I can update the zone before I reboot?

If zones sometimes appear to work in your example above, then
that is simply luck and not by design.  It is certain that things
will break in that configuration from time to time.  If you want to
update the zones before updating the global zone then you might be
able to halt the zones, detach them, then use the -R option to the
pkg command to update  the zone's roots.  However, I've never tried
that.  As I said, this is all a temporary limitation until the
pkg code is enhanced to automatically keep the zones in sync
with the global zone.

