I have a configuration for a multi-tiered service environment.
Each tier has separate NICs and subnets, and redundant NICs to adjacent tiers.
I don't want the global zone to be reachable by the adjacent tiers; it should only be used for management networks.

    public net
       | |      redundant switches, routers, FWs
       | |
    web zones
       | |      redundant switches, routers, FWs
       | |
    app zones
       | |      redundant switches, routers, FWs
       | |
       db

If I deprecate the interfaces, I don't see how routing info gets into the global zone. If I don't deprecate the interfaces, I open up the global zone to that subnet.
I've tried this where my router is an S9 box with RIP, so maybe something else would help.
Is my understanding right or am I doing something wrong? What is the recommended config (high level)?
What I am experiencing is IPMP is flip-flopping interfaces since the GZ's mpathd can't reach the router, and the routing info is not sufficient for the NGZs.
Many thanks!
Steffen
_______________________________________________
networking-discuss mailing list