Re: [zones-discuss] Zone with IP address from a different subnet
Thanks for your answer, I might be missing something obvious, but how can I add this route ? (global zone) # route add default xx.121.41.254 add net default: gateway xx.121.41.254: Network is unreachable Regards, Alain On Jun 4, 2008, at 8:02 AM, Erik Nordmark wrote: > Alain Durand wrote: >> Hi Ben, >> Thanks for your answer, there is indeed something different in the >> routing tables : >> - With the IP alias : >> Routing Table: IPv4 >> Destination Gateway Flags Ref Use >> Interface - - >> -- - default xx.121.24.254 >> UG1309 xx.121.24.0 xx. >> 121.24.211U 1 15 vfe0 xx. >> 121.41.77 xx.121.41.77 UH1 0 >> vfe0:1224.0.0.0xx.121.24.211U >> 1 0 vfe0 127.0.0.1127.0.0.1 >> UH1 0 lo0- With the zone : >> Routing Table: IPv4 >> Destination Gateway Flags Ref Use >> Interface - - >> -- - default xx.121.24.254 >> UG1314 xx.121.24.0 xx. >> 121.24.211U 1 15 vfe0 >> 224.0.0.0xx.121.24.211U 1 0 >> vfe0 127.0.0.1127.0.0.1UH >> 1 0 lo0 > > That is netstat -rn in the global zone, I assume. > > If you do netstat -rn in the non-global zone you will see that the > xx.121.41.77 is indeed there. BUT that zone will not see a default > route. This is because the only default route is for the 24 subnet. > You need to add an additional default route in the global zone which > has a gateway in the 41 subnet. > > Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] code review: native brand refactoring
Ed, Edward Pilatowicz wrote: > hey jerry, > some final comments. > ed > > - could you update the sn1 brand so that it will still work? > (it's broken on x86 because of 6703962, but it should still work on sparc.) I'll take a look at what is going on there. > usr/src/lib/libbrand/dtd/brand.dtd.1 > > - so after reading the comments for "predetach" and "detach" > i still have no idea what the difference is between when > the two callbacks are invoked. I had gotten similar input from Dan. I have added more comments to try to clarify this. > - for the "clone" callback, is it possible for the clone operation > to fail after the callback has been invoked? (in which case the > callback needs to be re-run friendly like the "*detach" callbacks.) Yes it can fail, but it can't be re-run. I think the comments already explain this: If this hook exits with a non-zero exit status, the clone operation will fail and the zone will be left in the "incomplete" state, otherwise the state will be changed to "installed". Let me know if you think I still need to clarify that. > - "validatesnap", perhaps the description could be changed to: > Identifies the hook to invoke when cloning a zone to validate > the source zone snapshot that should have been created > using the built-in ZFS clone support. I added some additional comments to clarify this. Thanks again, Jerry ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone with IP address from a different subnet
Alain Durand wrote: > Thanks for your answer, I might be missing something obvious, but how > can I add this route ? > > (global zone) # route add default xx.121.41.254 > add net default: gateway xx.121.41.254: Network is unreachable Probably because the global zone does not have an IP address on that subnet. You will need to configure one long enough to add the route. If your zone does not autoboot, maybe use the IP address you later give to the zone, then delete the IP address, then boot the zone. zones on different subnets than the global zone is one reason for exclusive IP instances. It isolates some of the routing challenges. BTW, this only works for default routes. Static ones don't work. at least that is my/others' experience. Steffen > > Regards, > Alain > > On Jun 4, 2008, at 8:02 AM, Erik Nordmark wrote: > >> Alain Durand wrote: >>> Hi Ben, >>> Thanks for your answer, there is indeed something different in the >>> routing tables : >>> - With the IP alias : >>> Routing Table: IPv4 >>> Destination Gateway Flags Ref Use >>> Interface - - >>> -- - default xx.121.24.254 >>> UG1309 xx.121.24.0 xx. >>> 121.24.211U 1 15 vfe0 xx. >>> 121.41.77 xx.121.41.77 UH1 0 >>> vfe0:1224.0.0.0xx.121.24.211U >>> 1 0 vfe0 127.0.0.1127.0.0.1 >>> UH1 0 lo0- With the zone : >>> Routing Table: IPv4 >>> Destination Gateway Flags Ref Use >>> Interface - - >>> -- - default xx.121.24.254 >>> UG1314 xx.121.24.0 xx. >>> 121.24.211U 1 15 vfe0 >>> 224.0.0.0xx.121.24.211U 1 0 >>> vfe0 127.0.0.1127.0.0.1UH >>> 1 0 lo0 >> That is netstat -rn in the global zone, I assume. >> >> If you do netstat -rn in the non-global zone you will see that the >> xx.121.41.77 is indeed there. BUT that zone will not see a default >> route. This is because the only default route is for the 24 subnet. >> You need to add an additional default route in the global zone which >> has a gateway in the 41 subnet. >> >> Erik > > ___ > zones-discuss mailing list > zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone with IP address from a different subnet
Alain Durand wrote: > Thanks for your answer, I might be missing something obvious, but how > can I add this route ? > > (global zone) # route add default xx.121.41.254 > add net default: gateway xx.121.41.254: Network is unreachable I forgot about that part. The common way is to add the route while you have a temporary IP address in the global zone, and then remove it. E.g., ifconfig vfe0 addif xx.121.41.254.77/24 up route add default xx.121.41.254 ifconfig vfe0 removeif xx.121.41.254.77 and then boot the zone. Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org
Re: [zones-discuss] Zone with IP address from a different subnet
I managed to add the route using a temporary IP in the subnet, however still cannot ping the zone, not even from its global zone. Here are the routes I am seeing in the global zone : Routing Table: IPv4 Destination Gateway Flags Ref Use Interface - - -- - default xx.121.24.254UG1 2106 default xx.121.41.254UG1 0 xx.121.24.0 xx.121.24.211U 1136 vfe0 224.0.0.0xx.121.24.211U 1 0 vfe0 127.0.0.1127.0.0.1UH1 0 lo0 and here are the routes seen from the zone : Routing Table: IPv4 Destination Gateway Flags Ref Use Interface - - -- - xx.121.41.77 xx.121.41.77 UH1 0 vfe0:1 224.0.0.0xx.121.41.77 U 1 0 vfe0:1 127.0.0.1127.0.0.1UH1 0 lo0:1 If needed I could use IP instances (I'm running Solaris 10 Update 5), but have only one physical ethernet interface, is that possible ? Thanks for your help, Alain On Jun 5, 2008, at 1:32 AM, Erik Nordmark wrote: Alain Durand wrote: Thanks for your answer, I might be missing something obvious, but how can I add this route ? (global zone) # route add default xx.121.41.254 add net default: gateway xx.121.41.254: Network is unreachable I forgot about that part. The common way is to add the route while you have a temporary IP address in the global zone, and then remove it. E.g., ifconfig vfe0 addif xx.121.41.254.77/24 up route add default xx.121.41.254 ifconfig vfe0 removeif xx.121.41.254.77 and then boot the zone. Erik ___ zones-discuss mailing list zones-discuss@opensolaris.org ___ zones-discuss mailing list zones-discuss@opensolaris.org
