[brandz-discuss] lx brandz on intel: nslookup/dig failures
Erik Nordmark
erik.nordmark at sun.com
Thu Aug 10 01:31:02 PDT 2006
Edward Pilatowicz wrote:
>> I was thinking of this: http://blogs.sun.com/roller/page/edp, but it sounds
>> like you have a different problem than I thought.
>>
>> Ed's blog shows how to set up a private network on a single machine, but
>> you have a private network shared by multiple machines. If you only have a
>> single network device, I don't think your non-global zones can be on a
>> different subnet than the global zone. Ed, do you know off the top of your
>> head whether this is true?
>>
>
> i'm sure you could configure a system like this, but it probably
> wouldn't work. (there would be no default route on the non-global zone
> subnets so they wouldn't be able to talk to any other hosts.)
Some users that have disjoint VLANs have managed to configure zones to
use separate VLANs and get it to (mostly) work, but this is hard to
set up. And it isn't something we support.
I recall some external web page giving examples of how it could be done,
but I don't have the pointer to that page.
The idea is to

1. Make the global zone have an interface on each VLAN, but with IP
   address 0.0.0.0 and not bring it up. E.g., ifconfig bge33000 plumb
2. Specify this as physical in zonecfg
3. Once the zone is made ready, add a default route where the gateway is
   in the subnet of the zone.
Erik
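
The three steps above as a dry-run command generator; this is an added example, not part of the original message. The zone name `webzone`, the addresses and the function names are constructed for illustration, and the zonecfg, zoneadm and route invocations are one rendering of the steps (the message itself gives only the ifconfig command). It also checks the step 3 requirement that the gateway sits in the zone's subnet before printing anything.

```shell
#!/bin/sh
# Added example (not from the original message): prints the commands for a
# shared-IP zone on its own VLAN. Review the output, then run it in the global zone.

# Solaris VLAN link name: driver + (VID * 1000 + instance); bge0 on VLAN 33 -> bge33000
vlan_link() {  # args: driver instance vid
    [ "$3" -ge 1 ] && [ "$3" -le 4094 ] && [ "$2" -ge 0 ] && [ "$2" -le 999 ] || return 1
    echo "$1$(( $3 * 1000 + $2 ))"
}

# Dotted quad -> 32-bit integer (octets without leading zeros)
ip2int() {
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True when the gateway shares the zone address's prefix (required by step 3)
same_subnet() {  # args: zone_addr prefix_len gateway
    a=$(ip2int "$1") || return 1
    g=$(ip2int "$3") || return 1
    mask=$(( (4294967295 << (32 - $2)) & 4294967295 ))
    [ $(( a & mask )) -eq $(( g & mask )) ]
}

zone_vlan_plan() {  # args: zone driver instance vid zone_addr prefix_len gateway
    link=$(vlan_link "$2" "$3" "$4") || { echo "bad VLAN id or instance" >&2; return 1; }
    same_subnet "$5" "$6" "$7" || { echo "gateway $7 is not in $5/$6" >&2; return 1; }
    # Step 1: plumb the VLAN link in the global zone; no address, not brought up
    echo "ifconfig $link plumb"
    # Step 2: name that link as the zone's physical interface
    echo "zonecfg -z $1 \"add net; set physical=$link; set address=$5/$6; end\""
    echo "zoneadm -z $1 ready"
    # Step 3: default route through a gateway inside the zone's subnet
    echo "route add default $7"
}

# Constructed sample values
zone_vlan_plan webzone bge 0 33 192.168.33.10 24 192.168.33.1
```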