Re: [oi-dev] VNIC creation failure

2012-09-06 Thread Ewald Ertl 
Hi,

On Thu, Sep 6, 2012 at 5:14 AM, Nick Zivkovic wrote:

> Is it possible to get zones on an etherstub to communicate with the global
> zone?
>

Yes, it's possible and I  have it running since some time now.

I have a WinXP running in a virtualbox, which has assigned a vnic connected
to a virtual etherstub.
The global zone has also a vnic connected to the etherstub, but all have
fixed addresses.

For Virtualbox, I have the VNIC set to bridged mode and I have also the set
the same
MAC adresse in Virtualbox as listed by "dladm show-vnic"

In the global zone, I have activated the ipfilter service and configured it
to do NAT.

The content of /etc/ipf/ipnat.conf is
map e1000g0  192.168.1.0/24 ->
0/32
map iwh0  192.168.1.0/24 -> 0/32
rdr e1000g0  0.0.0.0/0 port 9090 -> 192.168.1.101 port 8080
rdr e1000g0  0.0.0.0/0 port 18000 -> 192.168.1.101 port 17000
rdr e1000g0  0.0.0.0/0 port  -> 192.168.1.101 port 22


I do the natting for both the ethernet e1000g0 and the wireless adapater
iwh0, so regardless
of the network I'm in, the other systems can communicate with the outside
world.

The rdr lines allow redirections of ports to my "local virtual" network.



>
> For me, shared-ip stacks won't work because the network admins here
> won't give me multiple addresses per network card.
>
> The networking is determined via dhcp.
>
> Is it possible to set it up so that the NGZs can use the GZ as a router?
>
Yes, I've also enabled IPv4 routing with routeadm.

HTH Ewald
___
oi-dev mailing list
oi-dev@openindiana.org
http://openindiana.org/mailman/listinfo/oi-dev

[oi-dev] VNIC Creation failure

2012-09-05 Thread Ron Parker 
Nick,

Sorry to break the message threading, I was not joined to the list
when you asked the question.

Yes it's possible to use an etherstub with your per-zone vnics hanging
off of it. I have the details of it documented at work, but basically
you

1. Create the etherstub
2. Create the VNICs, possibly with one for the host if it needs access
to the subnet the zones are on
3. Configure each zone with a static exclusive interface assigned to
the given vnic.
4. Set up NAT by configuring /etc/ipf/ipnat.conf with something like:

map bge0 192.168.190.0/24 -> 0/32 portmap tcp/udp auto
map bge0 192.168.190.0/24 -> 0/32

where the network specified is your zone subnet.

5. Enable IP forwarding and update the config

routeadm -e ipv4-forwarding
routeadm -u

6. Enable the IP filter service:

svcadm -e svc:/network/ipfilter:default

Well that's off the top of my head, if you need more details I can
give them when I get to work in ~9 hours. Otherwise I just did a quick
google and it looks like this is documented much better than when I
pieced it together for my self. You may want to check
http://wiki.openindiana.org/oi/Using+host-only+networking+to+get+from+build+zones+and+test+VMs+to+the+Internet.

--
Ron Parker
Don't type things you find on the Internet into your computer!
:(){ :|:&};:

___
oi-dev mailing list
oi-dev@openindiana.org
http://openindiana.org/mailman/listinfo/oi-dev

Re: [oi-dev] VNIC creation failure

2012-09-05 Thread Nick Zivkovic 
Is it possible to get zones on an etherstub to communicate with the global zone?

For me, shared-ip stacks won't work because the network admins here
won't give me multiple addresses per network card.

The networking is determined via dhcp.

Is it possible to set it up so that the NGZs can use the GZ as a router?

On Wed, Sep 5, 2012 at 9:41 PM, Nick Zivkovic  wrote:
> I'm running OI-151a, and I'm trying to create a vnic over an interface
> (to support pre-packaged NGZ's).
>
> I try doing:
>
> pfexec dladm create-vnic -l ath0 vnic0
>
> and I get an error:
>
> dladm: vnic creation over ath0 failed: operation not supported
>
>
> What does this mean? Does vnic creation depend on specific driver/nic
> features? Is there a way around this?
>
> Thanks.

___
oi-dev mailing list
oi-dev@openindiana.org
http://openindiana.org/mailman/listinfo/oi-dev

[oi-dev] VNIC creation failure

2012-09-05 Thread Nick Zivkovic 
I'm running OI-151a, and I'm trying to create a vnic over an interface
(to support pre-packaged NGZ's).

I try doing:

pfexec dladm create-vnic -l ath0 vnic0

and I get an error:

dladm: vnic creation over ath0 failed: operation not supported


What does this mean? Does vnic creation depend on specific driver/nic
features? Is there a way around this?

Thanks.

___
oi-dev mailing list
oi-dev@openindiana.org
http://openindiana.org/mailman/listinfo/oi-dev