Skip to Main Content
Forums

Infrastructure Software

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Best practice for network setup for deploying zone migration

Andrew WatkinsDec 22 2015 — edited Jan 7 2016

I am setting up a new server which will have many zones and I want to try to configure the network correctly (best practice). I also want the option of migrating these Solaris zones to a a different server if I wish. My problem question is how much I have to do on the global zone and what I can keep in the zone.

When I have done it before without Aggregation or VLANs there is hardly anything done on the global zone.

  • Create a IP on hardware interface (net0)
  • Set up zone(s) network to point to net0 and keep IP info in the zone.

This means that when you move zones to a new host there is nothing to be done on the global zone, since network information is contained in the zone. This is why I am asking the question can something similar be done when you create a more resilience network!

Global zone: 


# ipadm show-addr


ADDROBJ           TYPE     STATE        ADDR


lo0/v4            static   ok           127.0.0.1/8


net0/v4           static   ok           193.xx.xx.xx/24




#  zonecfg -z myzone export


..


set ip-type=exclusive


add anet


set linkname=net0


set lower-link=net0


set allowed-address=193.xx.xx.xx/24


set configure-allowed-address=true


set defrouter=193.xx.xx.245


end

Same example but with Aggregation or VLANs

Global zone:

# dladm create-aggr -L off -l net0 -l net1 -l net2 -l net3 trunk0


# dladm show-aggr -x


LINK       PORT           SPEED DUPLEX   STATE     ADDRESS            PORTSTATE


trunk0     --            10000Mb full   up        0:10:e0:87:3f:e    --


           net0           10000Mb full   up        0:10:e0:87:3f:e    attached


           net1           10000Mb full   up        0:10:e0:87:3f:f    attached


           net2           10000Mb full   up        0:10:e0:87:3f:10   attached


           net3           10000Mb full   up        0:10:e0:87:3f:11   attached


# dladm create-vlan -l trunk0 -v 29 vlan29


# dladm show-vlan


LINK                VID  SVID PVLAN-TYPE  FLAGS  OVER


vlan29              29   --   --          -----  trunk0

Now I have to create a VNIC for every zone I want to use on this server.

# dladm create-vnic -l trunk0 -v 29 zone1


# dladm create-vnic -l trunk0 -v 29 zone2


# dladm show-vnic


LINK            OVER           SPEED  MACADDRESS        MACADDRTYPE IDS


zone2           trunk0         10000  2:8:20:fa:f3:8b   random      VID:29


zone1           trunk0         10000  2:8:20:e:bc:f9    random      VID:29


 


# zonecfg -z zone1 export


...


set ip-type=exclusive


add net


set configure-allowed-address=true


set physical=zone1

So when I go to move a zone to a new system I have to make sure I have already created a vnic specifically for that zone. I know that doing this method gives me a lot more control over the network/vnics, but I want to ask the question anyway.

Any pointers or any blog entries would be great.

Thanks,

Andrew
This post has been answered by Marcel Hofstetter JomaSoft on Jan 6 2016
Jump to Answer
Comments
Locked Post
New comments cannot be posted to this locked post.
Post Details
Locked on Feb 4 2016
Added on Dec 22 2015
#oracle-solaris, #solaris-11
2 comments
1,094 views