Ok, this "allowed-adress" seems interesting. It allows me to tie one single IP 
adress to a NIC, and no other IP adresses are allowed.
http://docs.sun.com/app/docs/doc/821-1479/chapter5-2?l=sv&a=view

(I must use exclusive-ip, because several SunRay users can not simultaneously 
access my network, unless VirtualBox is using bridged NIC (this requires 
exclusive-ip). NAT does not allow several SunRay users to access my network. I 
must use shared-folders when using NAT.)




So, I will use something like this picture:
http://docs.sun.com/source/821-1458/images/example_virtual_network.gif

I will not surf from the global zone. I will install VirtualBox inside each 
local zone, and install WinXP in each local zone. So, how do I use 
"allowed-adress" here? I use it to tie a vnic to a local zone? Or can I use 
"allowed-adress" to tie the global zone to the SunRay thin clients, and allow 
no internet traffic to reach the global zone, because it is tied to the SunRay 
clients? 

I would like my local zones, separated from the global zone. So, hacker 
attempts to my local zones, does not reach the global zone.



(I have also considered installing Sunray software in a local zone, but that 
means all SunRay users are collected into one local zone. And they all run 
software in the same local zone. Which is not really what I want. I want 
separate local zones, with virtual machines in each.)
-- 
This message posted from opensolaris.org
_______________________________________________
zones-discuss mailing list
zones-discuss@opensolaris.org

Reply via email to