Network / global zones (Solaris 10 / 8) config recommendations | Unix Linux Forums | Solaris

  Go Back    


Solaris The Solaris Operating System, usually known simply as Solaris, is a Unix-based operating system introduced by Sun Microsystems. The Solaris OS is now owned by Oracle.

Network / global zones (Solaris 10 / 8) config recommendations

Solaris


Closed Thread    
 
Thread Tools Search this Thread Display Modes
    #1  
Old 10-15-2013
BradJM BradJM is offline
Registered User
 
Join Date: Oct 2013
Last Activity: 15 May 2014, 5:39 PM EDT
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Network / global zones (Solaris 10 / 8) config recommendations

I have a few non-globa zones running in a 10.10.xx.xx network on a machine that is on a 192.168.xx.xx network.

My goal is to allow each of the non-global zones to communicate to each other while not communicating on the 192.168.xx.xx network.

I am using the current version of Solaris 10 in the global zone
The non-global zones are running the Solaris 8 branded zones.

I can tweak the settings without any issues within the global zones; however, I would like to keep the mods within the non-global zones to a minimum. This way every time I rebuild out a non-global zone I don't have to do a lot of re-customizatation.

My Long term I would like to join a few servers on the 192.168.xx.xx networks into a sub-network supporting a 10.10.xx.xx non-global zones.

So I am looking for pointers to accomplish this task.
Sponsored Links
    #2  
Old 10-15-2013
bartus11's Avatar
bartus11 bartus11 is offline Forum Staff  
Moderator
 
Join Date: Apr 2009
Last Activity: 26 October 2014, 3:02 PM EDT
Posts: 3,711
Thanks: 7
Thanked 1,143 Times in 1,114 Posts
Post output of zonecfg -z <name of the zone> export for two zones that can communicate with each other.
Sponsored Links
    #3  
Old 10-15-2013
BradJM BradJM is offline
Registered User
 
Join Date: Oct 2013
Last Activity: 15 May 2014, 5:39 PM EDT
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
My /etc/zones/server1.xml file for the zones that I want to communicate with.


Code:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/shar
e/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="server1" zonepath="/zpool2/server1" autoboot="false" brand="solaris8
">
  <network address="10.10.1.21/24" physical="bge0"/>
  <filesystem special="/install" directory="/install" type="lofs"/>
</zone>
---------------------------- second zone xml file --------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN" "file:///usr/shar
e/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="server2" zonepath="/zpool2/server2" autoboot="false" brand="solaris8
">
  <network address="10.10.1.22/24" physical="bge0"/>
  <filesystem special="/install" directory="/install" type="lofs"/>
</zone>

All of the zones will be configured based on the above template xml file. I am looking for something simple; The "/install" is a shared location on the global zone for s/w installs.

global zone is configured on the 192.168.xx.xx network.

The bge1 interface is currently not used / plumbed.


Ahh - found my error for zones not talking between each other; I had a bad IP address in one of the xml files. This overides the non-global host /etc/inet/hosts file entry.

I now have the internal non-global zones talking to each other; the next step is to have two sets of servers configured with a similar zone.xml file (unique IP addresses). From what I remember the 10.10.xx.xx is a private network address so the router/switch will either drop the packets; or not be able to figure out the route to the other machine(s).

So now I have the zones talking to each other; so the next step is to get a few machines running this configuration.


Code:
Sever 1                                                   Server 2
 192.168.x.1     < switch/router>                        192.168.x.2
     10.10.1.1                                            10.10.1.2
     10.10.1.3                                            10.10.1.4
     10.10.1.20                                           10.10.1.40

    #4  
Old 10-15-2013
bartus11's Avatar
bartus11 bartus11 is offline Forum Staff  
Moderator
 
Join Date: Apr 2009
Last Activity: 26 October 2014, 3:02 PM EDT
Posts: 3,711
Thanks: 7
Thanked 1,143 Times in 1,114 Posts
Now post output of:
Code:
ifconfig -a
netstat -rn

Sponsored Links
    #5  
Old 10-15-2013
BradJM BradJM is offline
Registered User
 
Join Date: Oct 2013
Last Activity: 15 May 2014, 5:39 PM EDT
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
ifconfig -a

Code:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index
 1
        inet 127.0.0.1 netmask ff000000 
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 ind
ex 1
        zone server1
        inet 127.0.0.1 netmask ff000000 
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 ind
ex 1
        zone server2
        inet 127.0.0.1 netmask ff000000 
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.20.77 netmask ffffff00 broadcast 192.168.20.255
bge0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone server1
        inet 10.10.1.21 netmask ffffff00 broadcast 10.10.1.255
bge0:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone server2
        inet 10.10.1.23 netmask ffffff00 broadcast 10.10.1.255

netstat -rn

Code:
Routing Table: IPv4
  Destination           Gateway           Flags  Ref     Use     Interface 
-------------------- -------------------- ----- ----- ---------- --------- 
default              192.168.20.241       UG        1       6458           
192.168.20.0         192.168.20.77        U         1        368 bge0      
224.0.0.0            192.168.20.77        U         1          0 bge0      
127.0.0.1            127.0.0.1            UH       48    1037223 lo0


Last edited by BradJM; 10-15-2013 at 04:10 PM.. Reason: missing info - fix server names
Sponsored Links
    #6  
Old 10-15-2013
bartus11's Avatar
bartus11 bartus11 is offline Forum Staff  
Moderator
 
Join Date: Apr 2009
Last Activity: 26 October 2014, 3:02 PM EDT
Posts: 3,711
Thanks: 7
Thanked 1,143 Times in 1,114 Posts
I think specifying static routes for the zones on each server might work. Something like this:
On server 1 (global zone):
Code:
route -p add 10.10.1.2 192.168.x.2
route -p add 10.10.1.4 192.168.x.2
route -p add 10.10.1.40 192.168.x.2

On server 2 (global zone):
Code:
route -p add 10.10.1.1 192.168.x.1
route -p add 10.10.1.3 192.168.x.1
route -p add 10.10.1.20 192.168.x.1

What does netstat -rn look like inside a zone?
Sponsored Links
    #7  
Old 10-15-2013
BradJM BradJM is offline
Registered User
 
Join Date: Oct 2013
Last Activity: 15 May 2014, 5:39 PM EDT
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by bartus11 View Post
I think specifying static routes for the zones on each server might work. Something like this:
On server 1 (global zone):
Code:
route -p add 10.10.1.2 192.168.x.2
route -p add 10.10.1.4 192.168.x.2
route -p add 10.10.1.40 192.168.x.2

On server 2 (global zone):
Code:
route -p add 10.10.1.1 192.168.x.1
route -p add 10.10.1.3 192.168.x.1
route -p add 10.10.1.20 192.168.x.1


Is there a configuration file I can stuff this into so I can make it part of a delivery package?

If not; I can just build a list based on items found in the /etc/zones file and add the routes neccessary when the global zone is rebooted.

Thanks for making me find the error on the IP address defined in the zone configuration file. I had edited the zone configuration file; but I had failed to reboot the non-global zones so it would pick up my corrections.

Last edited by BradJM; 10-15-2013 at 04:54 PM.. Reason: added more info
Sponsored Links
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
Advanced Sysconfig use when building non-global zones in Solaris 11 os2mac Solaris 0 05-17-2013 06:25 PM
How to see global hostname by logging in non global zones? girish.batra Solaris 2 03-28-2010 02:58 AM
How to access ENV variables of non global zones in global zone??? vijaysachin Solaris 1 02-08-2010 08:40 AM



All times are GMT -4. The time now is 11:07 AM.