[oi-dev] Problem With Zone Networking

Nick Zivkovic zivkovic.nick at gmail.com
Sun Oct 14 23:55:29 UTC 2012 

Hi.

I didn't configure dhcp server properly.

I've now configured it.

However, while I can now do `dig google.com`, and get a proper
resolution, `ping google.com` does not work.

Which is very strange, to me. One command can do a resolution and
another can't. I verified that dns/multicast and dns/client services
are running.

Additionally, ipfilter (in the GZ) keeps going into the disabled
state, and I have to keep re-enabling it.

Any ideas?

Nick Zivkovic
Code: https://github.com/nickziv
Blog: http://nickziv.wordpress.com
Twitter: https://twitter.com/nickziv


On Sat, Oct 13, 2012 at 10:26 AM, Jim Klimov <jimklimov at cos.ru> wrote:
> Ideas below...
>
>
> 2012-10-13 4:18, Nick Zivkovic wrote:
>>
>> Hi,
>>
>> I just created and installed a new NGZ, with an exclusive IP stack.
>>
>> I've copied a sysidcfg file into the zone's /etc (the one from the wiki).
>>
>> I've enabled port forwarding via ipfilter and nat.
>>
>> I am able to ping IP addresses (using GZ as router). Note: I am using
>> a vnic for the NGZ and one for the GZ,
>> on the same etherstub.
>>
>> However domain name resolution does not work (I cannot ping
>> google.com, for example).
>>
>> I did copy resolv.conf and nsswitch.conf from the GZ into the NGZ.
>>
>> I tried enabling the multicast service, but it won't start because the
>> sysidtool:net service is not starting.
>>
>> Here is the message I get from `svcs -xv`:
>>
>> svc:/system/sysidtool:net (sysidtool)
>>   State: offline since Fri Oct 12 16:46:53 2012
>> Reason: Start method is running.
>>     See: http://illumos.org/msg/SMF-8000-C4
>>     See: man -M /usr/man -s 1M sysidtool
>>     See: /var/svc/log/system-sysidtool:net.log
>> Impact: 13 dependent services are not running:
>>          svc:/system/sysidtool:system
>>          svc:/milestone/sysconfig:default
>>          svc:/milestone/multi-user:default
>>          svc:/system/boot-config:default
>>          svc:/milestone/multi-user-server:default
>>          svc:/system/system-log:default
>>          svc:/system/utmp:default
>>          svc:/system/console-login:default
>>          svc:/network/ssh:default
>>          svc:/network/inetd:default
>>          svc:/system/sac:default
>>          svc:/network/rpc/bind:default
>>          svc:/system/filesystem/autofs:default
>
>
>
> What does the service's log show, if anything?
> Any messages on zone console?
>
> Namely, I suspect that with a copy-pasted sysidcfg you could request
> the zone to be a DHCP client (which pulls configs from announcements)
> and have no server on the etherstub? Un-started services seem to imply
> that the implementation of sysidcfg relevant to your config is still
> running (maybe blocked or failed under the hood somehow)...
>
> Any blockages in GZ ipfilter? (use "ipmon" to see matches for rules
> with the "log" keyword, and generally all blocking rules should have
> that - eases such debugs)
>
> Did you snoop on the vnic facing the etherstub for hints (requests,
> replies)?
>
> HTH,
> //Jim
>
>
> _______________________________________________
> oi-dev mailing list
> oi-dev at openindiana.org
> http://openindiana.org/mailman/listinfo/oi-dev

More information about the oi-dev mailing list