[OpenIndiana-discuss] Is it possible to do shared networking for LZ different from IP stack in GZ?

Jim Klimov jimklimov at cos.ru
Mon Jun 11 13:59:54 UTC 2012


Hello all,

   In OpenSolaris and its descendants it is possible to create
local zones (LZ) which share an IP stack with the global zone
(GZ) or have an exclusive IP stack. While exclusive stacks
have better separation between zones, the shared stacks may
yield higher performance comparable to loopback links.

   I wondered if it is possible (now, or technically feasible
through an RFE) to go a step beyond, and either:
1) Have a number of LZs with a shared IP stack, while the GZ
    uses an exclusive IP stack, or
2) Define a number of IP stacks and bind certain zones to one
    or another stack (and perhaps allow creation of routing
    zones which can route/firewall between the two, although
    several zones connected by an etherstub could do that).
    Separate stacks shared by several zones might combine the
    best of two worlds - groups of related zones would have
    faster and more intimate interlinks, while unrelated zones
    (and groups thereof) would be well isolated.
(actually, option 1 is a subset of option 2's capabilities)

   For example, now I was documenting how to pass several LZs
with a host-only networked connection (exclusive stacks on
an etherstub) to the Internet through NAT on their GZ. This is,
apparently, not a way to go for zones with a shared stack -
because the GZ's stack would have a hard time defining itself
as the default route for those local zones (if the GZ is used
as a router and not some routing LZ with an exclusive stack).

   This is not an RFE per se, but rather food for thought and
discussion - did anyone ponder about this? Are there reasons
not to do it?

Thanks,
//Jim Klimov



