[OpenIndiana-discuss] Advice for setting up a build zone with a different subnet than the main network interface

Aurélien Larcher aurelien.larcher at gmail.com
Tue Feb 1 21:33:07 UTC 2022 

On Tue, Feb 1, 2022 at 10:27 PM Till Wegmueller <toasterson at gmail.com>
wrote:

> Hey Aurelian
>
> You need two VNIC's one for the Zone and one for the GZ. John names are
> hard to differentiate but in the example he also uses two VNICS.
>

That's exactly what I have done.

The vnic for the zone is not used in the GZ, not configured but fails to be
recognized in the zone.

If I create a vnic without an etherstub then the vnic is seen in the zone.

>
> Happy hacking
> Till
>
> On 01.02.22 18:00, Aurélien Larcher wrote:
> >>
> >>
> >> Do not use NWAM:
> >> # svcadm enable svc:/network/physical:default
> >> # ipadm create-addr -T dhcp bge0/v4
> >>
> >> Do create an etherstub for your build NGZ:
> >> # dladm create-etherstub zonenet0
> >> # dladm create-vnic -l zonenet0 gz0
> >> # dladm create-vnic -l zonenet0 bz0
> >>
> >> Do assign a private network to your etherstub:
> >> # ipadm create-addr -T static -a 192.168.0.1/24 gz0/v4
> >>
> >> # cat <<EOF| zonecfg -z build -f -
> >> add net
> >> set allowed-address="192.168.0.2/24"
> >> set physical="bz0"
> >> set defrouter="192.168.0.1"
> >> end
> >> EOF
> >>
> >> Do use ipnat and IP Forwarding to allow your build NGZ to connect
> >> your university network:
> >> # cat /etc/ipf/ipnat.conf
> >> map bge0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
> >> # routeadm -e ipv4-forwarding
> >> # routeadm -u
> >>
> >>
> > Dear John,
> > thank you for your insightful suggestion and my apologies for the delay,
> I
> > have been busy with a handful of PhD students finishing soon...
> >
> > I have switched to network/physical:default and implemented your
> suggestion
> > with the etherstub.
> >
> > However I am very surprised that on both my systems this approach fails
> as
> > the network interface is not configured in the zone.
> >
> > Even stranger, it seems that the vnic is only partially exposed to the
> zone.
> >
> > For example:
> >
> > GZ:
> > root at pegasus:~# dladm show-vnic
> > LINK         OVER         SPEED  MACADDRESS        MACADDRTYPE
>  VID
> > br0          ether0       0      2:8:20:da:ec:bb   random              0
> > vnic0        ether0       0      2:8:20:cb:7b:85   random              0
> >
> > NGZ:
> > root at build:~# dladm show-vnic
> > LINK         OVER         SPEED  MACADDRESS        MACADDRTYPE
>  VID
> > vnic0        ?            0      2:8:20:cb:7b:85   random              0
> >
> > On the second machin the zone simply refused to boot and the zoneadm
> > service is stuck, I cannot boot any other zone.
> >
> > My setup without the etherstub led to a configured interface, in this
> case
> > the vnic was linked to the physical interface directly.
> >
> > I wonder if we have some limitations in vanilla illumos which may have
> been
> > fixed in e.g. smartos.
> >
> >
> > Kind regards,
> >
> > Aurélien
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >>
> >> Happy hacking,
> >> John
> >> groenveld at acm.org
> >>
> >> _______________________________________________
> >> openindiana-discuss mailing list
> >> openindiana-discuss at openindiana.org
> >> https://openindiana.org/mailman/listinfo/openindiana-discuss
> >>
> >
> >
>
> _______________________________________________
> openindiana-discuss mailing list
> openindiana-discuss at openindiana.org
> https://openindiana.org/mailman/listinfo/openindiana-discuss
>


-- 
---
Praise the Caffeine embeddings

More information about the openindiana-discuss mailing list