Configure zones to have a different network interface and network

I need to configure a zone to use a different interface (bge2) than global, have it connected to a completely different network switch, and have it use its own defaultrouter and hosts file. Is it possible? If so, how?

Thanks

Yes, it is. In zonecfg:

set ip-type=exclusive
add net
set physical=bge2
end

Don't set the IP and the default router. Do it inside the zone.
Also make sure the interface is unplumbed from the global zone.

hth
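
An added example, not part of any post in this thread: a pre-flight check for the exclusive-IP setup above that refuses to proceed while the NIC is still plumbed in the global zone, then prints the zonecfg command file. The zone name zone1, the function names and the sample `ifconfig -a` output are constructed, and the zone is assumed to have no existing net resource.

```shell
#!/bin/sh
# Constructed `ifconfig -a` output from a global zone (not from the thread):
# bge2 is plumbed with 0.0.0.0 and carries a shared-IP address for zone1.
SAMPLE_IFCONFIG='lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.0.2.10 netmask ffffff00 broadcast 192.0.2.255
bge2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        inet 0.0.0.0 netmask 0
bge2:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
        zone zone1
        inet 198.51.100.5 netmask ffffff00 broadcast 198.51.100.255'

# Exit 0 if NIC $1, or a logical interface on it ($1:N), appears in the
# `ifconfig -a` output on stdin. On Solaris 10 use nawk or /usr/xpg4/bin/awk
# (the old /usr/bin/awk has no -v option).
nic_plumbed() {
    awk -v nic="$1" '
        /^[a-z0-9]+(:[0-9]+)?: flags=/ {
            name = $1
            sub(/:$/, "", name)        # drop the trailing colon
            sub(/:[0-9]+$/, "", name)  # drop a logical-interface suffix
            if (name == nic) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# Print a zonecfg command file giving the zone exclusive use of NIC $1.
# No address or default router: both are configured from inside the zone.
exclusive_zonecfg() {
    printf '%s\n' 'set ip-type=exclusive' 'add net' "set physical=$1" \
        'end' 'verify' 'commit'
}

# Read `ifconfig -a` output on stdin; refuse while $1 is still plumbed in the
# global zone, otherwise print the command file.
plan() {
    if nic_plumbed "$1"; then
        echo "REFUSE: $1 is still plumbed in the global zone (ifconfig $1 unplumb)" >&2
        return 1
    fi
    exclusive_zonecfg "$1"
}

# Demo on the constructed sample: bge2 is refused, bge3 gets a command file.
# On a real global zone (zone name zone1 is hypothetical):
#   ifconfig -a | plan bge2 > /tmp/zone1.cfg && zonecfg -z zone1 -f /tmp/zone1.cfg
printf '%s\n' "$SAMPLE_IFCONFIG" | plan bge2 || true
printf '%s\n' "$SAMPLE_IFCONFIG" | plan bge3
```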

Hello,
I have seen it done this way.
If the global zone has 2 interfaces, set the one you're not using to IP address 0.0.0.0. Then the zone can use that interface but the global zone will not be able to.

I hope this helps.

@bitlord, this method has many disadvantages. It was useful before exclusive IP zones were introduced but has now lost most of its interest.

jlliagre,
Thanks for the info. I will have to look into exclusive IP zones. Can you tell me the disadvantages of the way I do it? This way I can learn from you.

With shared IP interfaces, you cannot prevent the global zone from doing whatever it wants, like capturing the traffic and configuring the zone interface. There is no real isolation. The non-global zone has basically no control and cannot even snoop its own (virtual) interface.
With exclusive IP interfaces, the global zone doesn't see the physical interface. The non-global zone has full control, can plumb the interface, set its IP statically or dynamically, snoop its traffic, manage routing, and so on.


Thanks for the info jlliagre.
I will look into doing it your way. I can't use snoop at work but the other stuff might be really useful.

We can use multiple interfaces in zones.....

Indeed, and your point is?

This is what I did, and the zones are now working perfectly and independently on their own network, connected to a completely different switch.

On global:
ifconfig bge2 plumb
ifconfig bge2 10.x.x.x zone zonexxx netmask + -trailers up

On zones:
Updated the required DNS server name in /etc/resolv.conf and the hosts file for the network they are part of.