[OpenIndiana-discuss] Advice for setting up a build zone with a different subnet than the main network interface
John D Groenveld
groenveld at acm.org
Sat Jan 29 14:52:38 UTC 2022
In message <CAHMq6q39t3aAt56FQXqSvcusRLuaue2c47R+HvS0OufY=AQJgg at mail.gmail.com>
, =?UTF-8?Q?Aur=C3=A9lien_Larcher?= writes:
>I was wondering if you would have some recommendations for setting up the
>crossbow configuration on a new server at university.
Do not use NWAM:
# svcadm enable svc:/network/physical:default
# ipadm create-addr -T dhcp bge0/v4
Do create an etherstub for your build NGZ:
# dladm create-etherstub zonenet0
# dladm create-vnic -l zonenet0 gz0
# dladm create-vnic -l zonenet0 bz0
Do assign a private network to your etherstub:
# ipadm create-addr -T static -a 192.168.0.1/24 gz0/v4
# cat <<EOF| zonecfg -z build -f -
add net
set allowed-address="192.168.0.2/24"
set physical="bz0"
set defrouter="192.168.0.1"
end
EOF
Do use ipnat and IP Forwarding to allow your build NGZ to connect
your university network:
# cat /etc/ipf/ipnat.conf
map bge0 192.168.0.0/24 -> 0/32 portmap tcp/udp auto
# routeadm -e ipv4-forwarding
# routeadm -u
Happy hacking,
John
groenveld at acm.org
More information about the openindiana-discuss
mailing list