On 10/ 1/10 09:42 AM, Orvar Korvar wrote:
Ok, now I am confused.

I want to shut down all internet connection to my global zone. I dont want to 
shut down the global zone, only the internet connection. I want to reach 
internet only from local zones. Some of the local zones will have a server 
application running. Others will just be used for surfing. I will install 
VirtualBox in the local zones.

I don't think you can install VirtualBox in a zone. If you are using VirtualBox, you can use the same networking tricks to get isolation as you would use for a zone.

Is this possible or not? Some say yes, other say no?

The response you didn't quote answered your question:

On 09/30/10 08:38 AM, Glenn Faden wrote:
Assuming you're using the shared IP stack (default), it is sufficient for the global zone interface(s) to be plumbed so that the non-global zones can use logical instances of the interface(s). So setting the GZ interfaces as "down' will prevent network access to/from the global zone.

I believe I should use exclusive-ip in the local zones? Or?
You can, but you don't have to.


zones-discuss mailing list

Reply via email to