Can any one explain me Shared-IP and Exclusive IP ??

vijaysachin · November 18, 2009, 1:19am

Hi All,

I want to know what is shared-IP and exclusive-IP while configuring zone?

How the global zone and non-global communicate with each other?

When I do ifconfig -a on my machine it shows below output

My doubt is they are physical and virtual interfaces in below output what is physical interface and what is virtual interface?

How these Interfaces are set? So what type of interface non-global zone use?

Please explain me

lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone ora-zoneA
        inet 127.0.0.1 netmask ff000000 
ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 10.89.233.92 netmask ffffff00 broadcast 10.89.233.255
        ether 0:14:4f:24:2b:bc 
ce1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 100.100.101.92 netmask ffffff00 broadcast 100.100.101.255
        ether 0:14:4f:24:2b:bd 
ce1:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        zone ora-zoneA
        inet 100.100.101.94 netmask ffffff00 broadcast 100.100.101.255
ce2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 100.100.125.92 netmask ffffff00 broadcast 100.100.125.255
        ether 0:14:4f:24:2b:be 
ce2:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 10.39.120.92 netmask ffffff00 broadcast 10.39.120.255
ce2:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 10.39.122.92 netmask ffffff00 broadcast 10.39.122.255
ce2:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
        inet 10.39.124.92 netmask ffffff00 broadcast 10.39.124.255
ce3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 100.100.126.92 netmask ffffff00 broadcast 100.100.126.255
        ether 0:14:4f:24:2b:bf 
ce3:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 10.39.121.92 netmask ffffff00 broadcast 10.39.121.255
ce3:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 10.39.123.92 netmask ffffff00 broadcast 10.39.123.255
ce3:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 10.39.125.92 netmask ffffff00 broadcast 10.39.125.255

incredible · November 18, 2009, 7:27am

exclusive means the IPs for zones is configured on a separate individual port. for shared, it means that it lies on top of you global zone's IP interface. If you global IP interface for some reason is down, it will affect your local zone as well. For exclusive, you're safe

jlliagre · November 18, 2009, 8:11am

The global interface can be disabled (ifconfig xxx down) while the virtual (shared) IPs stays up.

incredible · November 18, 2009, 8:45am

virtual - shared or exclusive??

jlliagre · November 18, 2009, 8:50am

Can be but shared. An exclusive IP isn't virtual, it a real interface own by the non global zone and not visible from the global one.

incredible · November 18, 2009, 8:59am

My understanding is, if its shared and its a virtual, bringing down a physical interface will affect the virtual

jlliagre · November 18, 2009, 9:30am

As I wrote, bringing the global zone interface down won't affect the non-global zone virtual one(s).
Unplumbing (or unplugging ) it will.

incredible · November 18, 2009, 9:41am

Yes, you're right.. My mind was "thinking" about plumbing/unplumbing.. No wonder I got confused. The keyword you used is "down".. Thanks

sbk1972 · November 23, 2009, 2:14am

Lets relate it to hose pipes. Shared IP is like you are using one hose that is shared to a number of flats. Exclusive IP is like your flat having its own hose pipe.

I use shared and exclusive. In the global zone Ive created an aggregated link ( joined a number of nics together to make a really fast NIC, or `pipe`) On a number of training zones, Ive then used this NIC as a SHARED IP, i.e. that the 5 training zones using that pipe, each having a virtual ip configured using the underlying pipe.

On a production zone, where I want more control of the NIC, Ive created the production zone using exclusive NIC. Within the zone configuration file ( zonecfg ) I just tell it that Im using the exxclusive-ip and tell it what nic the zone will have.

Exclusive-IP allows for greater control over the NIC, SHared-IP doesnt, as the Global zone controls the underlying hardware. When it comes to zones and hardware, zones dont have truely 100% control over it. ITs like a client PC using a proxy server to surf the web. On the surface it looks like your internet request surfs the net, but infact its your proxy server that is doing it. So, sometimes the application, zone, needs more control over its NIC, if you are using clustering software, IPMP etc etc, so you use the EXclusive-IP in this situation.

Sorry if my explanation is a bit over the place

SBK