LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > Solaris / OpenSolaris
User Name
Password
Solaris / OpenSolaris This forum is for the discussion of Solaris and OpenSolaris.
General Sun, SunOS and Sparc related questions also go here.

Notices

Reply
 
Search this Thread
Old 03-02-2012, 05:09 PM   #1
bajones
LQ Newbie
 
Registered: May 2008
Posts: 27

Rep: Reputation: 15
two vlans in solaris zones


running solaris 10 and I have two production zones on the server and two dev zones. And two nics, one on production vlan and one on dev vlan. The default route in the global zone is the production vlan. I'm trying to get the dev zones to route through the dev default route, following this -- http://sysadminsjourney.com/content/...n-global-zones.

In this guy's blog, his two zones don't see each other's vlans. But my dev zones are seeing both the production routes and the dev routes. We have a messy network and have to add a lot of additional routes to our servers, for instance routes to be able to access them from our vpn network. So I have routes on both the prod and dev networks for these additional routes. The problem is I can see both networks from my dev zone. I've forced all my dev routes to go through the dev vlan. So I can ping my dev default route, I can ping my dev firewall, I can ping the DNS server from inside the zone. But nothing outside my zone can see it and I can't ssh out to anything outside the zone.

Is there any way from the global zone to make the prod routes visible only to the prod zones and the dev routes visible only to dev zones, given that the prod routes are also the defaults for the global zone?
 
Old 03-06-2012, 12:11 PM   #2
Blinker_Fluid
Member
 
Registered: Jul 2003
Location: Clinging to my guns and religion.
Posts: 682

Rep: Reputation: 63
Backing up a bit, when you do a 'zonecfg -z <zonename>' and do 'info net' does everything look correct? Does your address line just have the IP or does it also contain the network /23 (or whatever network subnet mask is applicable)?

In our network we've added rules to /etc/ipf/ipf.conf for the zones because of issues with routes.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Migrating Solaris 10 Zones to new machine. bavondrake Solaris / OpenSolaris 3 03-16-2011 06:32 PM
Passwordless connection to solaris zones SBN Solaris / OpenSolaris 1 12-01-2010 03:39 AM
Free automated Solaris zones backup bax Solaris / OpenSolaris 1 05-28-2010 09:52 AM
solaris zones: what is it for? ic_torres Solaris / OpenSolaris 5 04-11-2009 05:22 AM
Is my solaris 10 with zones? xpucto Solaris / OpenSolaris 7 02-26-2006 11:20 AM


All times are GMT -5. The time now is 01:26 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration