En, VLAN_ID_MAX is 4094, so you'll hit the limit on 4094. ;-)
----- Original Message -----
From: Garrett D'Amore <[EMAIL PROTECTED]>
Date: Saturday, June 30, 2007 7:28 am
Subject: Re: [networking-discuss] zones and vlans....
To: Peter Memishian <[EMAIL PROTECTED]>
Cc: networking-discuss <[email protected]>
> Peter Memishian wrote:
> > > I've come up with a usage case where I'd like to allow VLANs
> to be
> > > plumbed and unplumbed from within a zone.
> > >
> > > Specifically, in order to enable a certain form of testing,
> which
> > > requires me to make a system "wide open" ('+ +' in /.rhosts!),
> I'd like
> > > to use a zone. Then I could use the system as a test peer,
> without
> > > requiring an actually separate piece of hardware, and without
> opening up
> > > a gaping whole on my primary system.
> > >
> > > One of the tests wants to plumb and unplumb a bunch of VLAN
> interfaces,
> > > in order to do validation of the VLAN support on the "system
> under test".
> > >
> > > The question is, can it be done? As far as I can tell,
> > > plumbing/unplumbing of VLANs has to be done on the global
> zone.
> > > Clearly, I don't want this to happen. Any chance we can get
> the ability
> > > to do this (perhaps as a tunable) in the non-global zone?
> I've already
> > > made the zone an IP-exclusive zone, and I've given it its own
> interface
> > > to own for the purposes of testing.
> > >
> > > Maybe this is on the roadmap, maybe it isn't. If it isn't, is
> there any
> > > technical reason to absolutely forbid the plumbing of separate
> VLAN
> > > devices in an IP-exclusive zone?
> >
> > We've been talking about this (and general creation and deletion
> of links
> > in a zone) on clearview-discuss; see the "link names in an
> exclusive zone"
> > thread.
> >
> >
>
> Hmm... I just found a way to do it. If I do "zone cfg add net"
> for
> *each* (in this 4096 of 'em!) VLAN, it will work. I've only tested
> with
> a couple of vlans. I wonder if I will hit any limits when I try to
> allow the zone access to up to 4096 vlans.
>
> I need to reboot and reinstall before I do this, but I'll report back.
>
> -- Garrett
> _______________________________________________
> networking-discuss mailing list
> [email protected]
>
_______________________________________________
networking-discuss mailing list
[email protected]
