How to create a Solaris local zone with an exclusive NIC?


 
# 1  
Old 11-22-2019
How to create a Solaris local zone with an exclusive NIC?

I'm trying to migrate a Solaris 10 flar archive from a Sun M3000 to a T4-1. When I first created the zone I followed the Oracle instructions here: Transitioning an Oracle Solaris 10 Instance to an Oracle Solaris 11 System - Transitioning From Oracle Solaris 10 to Oracle Solaris 11. That worked OK, in the sense that I was able to boot the zone and access it via ssh and vncviewer. However, I did not realize that without an exclusive NIC, my zone would not be able to do DHCP, which means the Sun Ray server would not work, and I have to have that.

Now the T4-1 has four gigabit NICs, labeled on the back net0 - net3. I had one cable connected to net0. So I added a second cable from a free port on my switch to net1 and tried to reconfigure my zone to use it instead of net0. That's when all hell broke loose. I can still talk to the global zone over my LAN but my local zone will no longer even boot.

Here's a few possibly relevant pieces:
Code:
root@hemlock:/# dladm
LINK                CLASS     MTU    STATE    OVER
ldoms-vsw0.vport0   vnic      1500   up       net0
ldoms-vsw0.vport1   vnic      1500   up       net0
net0                phys      1500   up       --
net1                phys      1500   up       --
net2                phys      1500   unknown  --
net3                phys      1500   unknown  --
net4                phys      1500   up       --

sp-phys0            phys      1500   up       --

Attempting to turn on net1 and boot the zone, I get this:
Code:
root@hemlock:/# ifconfig net1 plumb
ifconfig: cannot plumb net1: Interface already exists
root@hemlock:/# ifconfig net1 dhcp start
root@hemlock:/# zoneadm -z s10zone install -u -a /rpool/s10archive/s10.flar
zoneadm: zone s10zone: WARNING: Skipping network interface: interface 'net1' is used in the global zone.
ERROR: 
Zone rpool data set rpool/zones/s10zone/rpool already exists. Aborting the operation
zoneadm: zone 's10zone': ERROR: installation failed: zone switching to configured state
root@hemlock:/#

It doesn't like the global zone having net1? OK, so we try
Code:
root@hemlock:/# ifconfig net1 unplumb
root@hemlock:/# zoneadm -z s10zone install -u -a /rpool/s10archive/s10.flar
ERROR: 
Zone rpool data set rpool/zones/s10zone/rpool already exists. Aborting the operation
zoneadm: zone 's10zone': ERROR: installation failed: zone switching to configured state
root@hemlock:/#

My zone is already configured? So where is it?
Code:
root@hemlock:/# zoneadm list
global
root@hemlock:/#

Rather than continuing thrashing about in the dark, I figure it's time to ask for help. I freely admit to having no clue what I'm doing.
# 2  
Old 11-23-2019
Looks like you are mixing ldoms and zones on the same box?
This is doable, but ill advised.
Create an LDOM first, then a zone inside it, or restore the flar archive directly into an LDOM.

As for exclusive / shared IP stack in zone, the basic difference is that exclusive stack operates on L2 (MAC layer), while shared stack on L3 (IP layer).

That means in real life that if you have, say, net0 interface....
  • You create exclusive zone, it will create additional interface with new MAC address, called VNIC, this is default dladm show-vnic
    This interface to outside world is a fully functional L2 interface, and network configuration is done in non-global zone.
  • You create shared zone, it will share net0 with global zone, creating virtual IP over a net0 and give it to the zone.
    This interface shares its MAC address with the global zone interface, and network configuration is done via the zonecfg command from the global zone.

Global zone can be run on bare metal or inside ldoms, but do not mix zones with Oracle VM Server for SPARC on the same box.
Two options:
  1. [METAL <--> GLOBAL ZONE] [NON-GLOBAL ZONE (shared or exclusive)]
  2. [METAL <--> ORACLE VM] [LDOM/GLOBAL ZONE] [NON-GLOBAL ZONE (shared or exclusive)]

While configuring the ldom you need to add (or set) your vnet in this fashion:
Code:
ldm add-vnet alt-mac-addrs=auto,auto vnet0 primary-vsw0 ldom

Which will allow zones running in ldom to have up to 2 additional MAC address interfaces or vnics on vnet0 interface.

Hope that helps
Regards
Peasant.
# 3  
Old 11-23-2019
Quote:
Looks like you are mixing ldoms and zones on the same box ?
This is doable, but ill advised.
Unfortunately I did not know that when I started. Yes, I have Solaris 11.4 installed on the T4-1 bare metal. Under the 11.4 global zone I have an LDOM running Linux for SPARC. That's working properly. Then I created a local zone under the global zone to run my Solaris 10 image. That zone is not running in the LDOM, it's side-by-side with it. I'd rather keep it this way than having to create another LDOM which would eat up more host memory and more CPUs, unless it just won't work at all. In any case, I finally got the zone to boot by saying this:
Code:
root@hemlock:/rpool# zoneadm -z s10zone attach -F
root@hemlock:/rpool# zoneadm -z s10zone boot
root@hemlock:/rpool# dladm
LINK                CLASS     MTU    STATE    OVER
ldoms-vsw0.vport0   vnic      1500   up       net0
ldoms-vsw0.vport1   vnic      1500   up       net0
net0                phys      1500   up       --
net2                phys      1500   unknown  --
net3                phys      1500   unknown  --
net4                phys      1500   up       --
sp-phys0            phys      1500   up       --
s10zone/net0        vnic      1500   up       net0
net1                phys      1500   unknown  --
s10zone/net1        phys      1500   unknown  --
root@hemlock:/rpool#

Notice now how the listing has changed. net1 is listed last and there are two entries for s10zone. However, when the zone boots, it tries to connect to bge0 which was the NIC on the M3000 where this image was created. Of course it can't find it so it goes into maintenance mode immediately.
Code:
[NOTICE: Zone booting up]

SunOS Release 5.10 Version Generic_Virtual 64-bit
Copyright (c) 1983, 2013, Oracle and/or its affiliates. All rights reserved.
Failed to plumb IPv4 interface(s): bge0
Failed to plumb IPv6 interface(s): bge0
Failed to configure IPv4 DHCP interface(s): bge0
Moving addresses from missing IPv4 interface(s): bge0 (not moved -- not in an IPMP group).
Moving addresses from missing IPv6 interface(s): bge0 (not moved -- not in an IPMP group).
Nov 22 17:53:54 svc.startd[1221]: svc:/network/physical:default: Method "/lib/svc/method/net-physical" failed with exit status 96.
Nov 22 17:53:54 svc.startd[1221]: network/physical:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details)
/usr/sbin/pmconfig: di_init init/access error
Hostname: s10zone
/usr/sbin/pmconfig: cannot open "/dev/pm": No such file or directory
Nov 22 17:53:55 svc.startd[1221]: svc:/platform/sun4u/dcs:default: Method "/lib/svc/method/svc-dcs" failed with exit status 96.
Nov 22 17:53:55 svc.startd[1221]: platform/sun4u/dcs:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details)
Nov 22 17:53:56 svc.startd[1221]: svc:/system/sysevent:default: Method "/lib/svc/method/svc-syseventd start" failed with exit status 95.
Nov 22 17:53:56 svc.startd[1221]: system/sysevent:default failed fatally: transitioned to maintenance (see 'svcs -xv' for details)
Requesting System Maintenance Mode
(See /lib/svc/share/README for more information.)
Console login service(s) cannot run

Root password for system maintenance (control-d to bypass): 
single-user privilege assigned to /dev/console.
Entering System Maintenance Mode

Nov 22 17:55:10 su: 'su root' succeeded for root on /dev/console
Oracle Corporation	SunOS 5.10	Generic Patch	January 2005
# more /etc/hosts
#
# Internet host table
#
127.0.0.1	localhost	loghost
::1	localhost	loghost

And there's a device inside the zone for igb1 now:
Code:
# ls /dev/ig*
/dev/igb1

But when I try to plumb it I get
Code:
# ifconfig igb1 plumb
ifconfig: cannot plumb igb1: Datalink does not exist
#

This seems to be the missing link (sorry). If I could get the s10zone to plumb igb1, all might be well. Is there perhaps some magic word I need to give in zonecfg:net?
# 4  
Old 11-23-2019
Solaris 10 in LDOM should work fine from flar archive.
ldmp2v -
Oracle(R) VM Server for SPARC 3.5 Reference Manual


If something does not work you can always poweroff and delete ldom to reclaim resources.

Do not mix both on same box ....

Regards
Peasant.
# 5  
Old 11-23-2019
OK, hold everything. I decided to check the zonecfg for s10zone:
Code:
root@hemlock:/rpool# zonecfg -z s10zone
zonecfg:s10zone> info
zonename: s10zone
zonepath: /zones/s10zone
brand: solaris10
hostid: 80995cda
net 0:
	physical: net1
anet 0:
	linkname: net0
	configure-allowed-address: true
	auto-mac-address: 2:8:20:a5:23:b3
zonecfg:s10zone>

The clue is the line that says net0 is physical:net1. So I went back to the zone and instead of trying to plumb igb1 I said
Code:
# ifconfig net0 plumb
# ifconfig net0
net0: flags=100001000842<BROADCAST,RUNNING,MULTICAST,IPv4,PHYSRUNNING> mtu 1500 index 2
	inet 0.0.0.0 netmask 0 
	ether 2:8:20:a5:23:b3 
# ifconfig net0 192.168.0.78 netmask 255.255.255.0
# ifconfig net0 up && ifconfig net0
net0: flags=100001000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,PHYSRUNNING> mtu 1500 index 2
	inet 192.168.0.78 netmask ffffff00 broadcast 192.168.0.255
	ether 2:8:20:a5:23:b3 
# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
	inet 127.0.0.1 netmask ff000000 
net0: flags=100001000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,PHYSRUNNING> mtu 1500 index 2
	inet 192.168.0.78 netmask ffffff00 broadcast 192.168.0.255
	ether 2:8:20:a5:23:b3 
lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1
	inet6 ::1/128 
# ping 192.168.0.1
192.168.0.1 is alive
#

And this time it worked! Unfortunately, it did not survive a reboot. So I edited /etc/hosts, /etc/netmasks, and /etc/hostname.net0. Now I have networking when I reboot but it's still not working right:
Code:
[NOTICE: Zone rebooting]


SunOS Release 5.10 Version Generic_Virtual 64-bit
Copyright (c) 1983, 2013, Oracle and/or its affiliates. All rights reserved.
Failed to configure IPv4 DHCP interface(s): igb1
/usr/sbin/pmconfig: di_init init/access error
/usr/sbin/pmconfig: cannot open "/dev/pm": No such file or directory
Hostname: s10zone
Nov 23 10:08:07 svc.startd[17615]: svc:/network/ipfilter:default: Method "/lib/svc/method/ipfilter start" failed with exit status 96.
Nov 23 10:08:07 svc.startd[17615]: network/ipfilter:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details)
Nov 23 10:08:08 svc.startd[17615]: svc:/system/sysevent:default: Method "/lib/svc/method/svc-syseventd start" failed with exit status 95.
Nov 23 10:08:08 svc.startd[17615]: system/sysevent:default failed fatally: transitioned to maintenance (see 'svcs -xv' for details)
Requesting System Maintenance Mode
(See /lib/svc/share/README for more information.)
Console login service(s) cannot run

Root password for system maintenance (control-d to bypass): Nov 23 10:08:08 svc.startd[17615]: svc:/platform/sun4u/dcs:default: Method "/lib/svc/method/svc-dcs" failed with exit status 96.
Nov 23 10:08:08 svc.startd[17615]: platform/sun4u/dcs:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details)
Nov 23 10:08:08 svc.startd[17615]: svc:/network/iscsi/initiator:default: Method "/lib/svc/method/iscsid start" failed with exit status 96.
Nov 23 10:08:08 svc.startd[17615]: network/iscsi/initiator:default misconfigured: transitioned to maintenance (see 'svcs -xv' for details)

single-user privilege assigned to /dev/console.
Entering System Maintenance Mode

Nov 23 10:08:12 su: 'su root' succeeded for root on /dev/console
Oracle Corporation	SunOS 5.10	Generic Patch	January 2005
# ping 192.168.0.1
192.168.0.1 is alive
#


Last edited by hicksd8; 11-24-2019 at 01:57 PM..
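
Added example, not part of the original posts: a small parser that maps each `net`/`anet` resource in the `zonecfg info` output from post #5 to the datalink name the zone sees, and looks a link up by MAC address. The sample text is copied from that post; the function names are invented for this example. It shows that the MAC reported by `ifconfig net0` belongs to the `anet` resource, the VNIC that `dladm` lists as `s10zone/net0` over `net0`, while the dedicated NIC is the separate link `s10zone/net1`.

```shell
#!/bin/sh
# Added example: map zonecfg resources to the datalink names the zone sees.
# Sample data below is the `zonecfg -z s10zone info` output quoted in post #5.

zonecfg_info() {
cat <<'EOF'
zonename: s10zone
zonepath: /zones/s10zone
brand: solaris10
hostid: 80995cda
net 0:
    physical: net1
anet 0:
    linkname: net0
    configure-allowed-address: true
    auto-mac-address: 2:8:20:a5:23:b3
EOF
}

# Reads `zonecfg info` text on stdin.
# Prints one line per datalink: <name-in-zone> <resource-type> <mac or ->
zone_links() {
    awk '
        function emit() { if (res != "") print link, res, (mac == "" ? "-" : mac) }
        # Start of a net/anet resource block, e.g. "net 0:" or "anet 0:"
        /^(net|anet) [0-9]+:/ { emit(); res = $1; link = ""; mac = ""; next }
        # Any other unindented line ends the current resource block
        /^[a-z]/              { emit(); res = ""; next }
        res == "net"  && $1 == "physical:"         { link = $2 }
        res == "anet" && $1 == "linkname:"         { link = $2 }
        res == "anet" && $1 == "auto-mac-address:" { mac = $2 }
        END { emit() }
    '
}

# Reads `zonecfg info` text on stdin; prints "<link> <resource-type>"
# for the resource whose MAC address matches $1.
link_for_mac() {
    zone_links | awk -v mac="$1" '$3 == mac { print $1, $2 }'
}

zonecfg_info | zone_links
echo "2:8:20:a5:23:b3 belongs to: $(zonecfg_info | link_for_mac 2:8:20:a5:23:b3)"
```
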
# 6  
Old 11-24-2019
Quote:
Originally Posted by Peasant
Solaris 10 in LDOM should work fine from flar archive.
ldmp2v -
Oracle(R) VM Server for SPARC 3.5 Reference Manual


If something does not work you can always poweroff and delete ldom to reclaim resources.

Do not mix both on same box ....
Yikes. That looks even more complicated than what I'm trying to do now. I'm also not sure how to do ldmp2v with an existing flar. Nor did I see anything about how to use my net1 interface instead of net0.
# 7  
Old 11-25-2019
It doesn't look like ldmp2v is going to do it. From the docs:
Quote:
Note - The ldmp2v command does not support any SPARC system that runs the Oracle Solaris 10 OS with a ZFS root or the Oracle Solaris 11 OS.
My source (M3000) is running Solaris 10 with a zfs root. It does not even have the ldmp2v command. And the target (T4-1) is running Solaris 11.4.