I have been using zones for ages, but I think i have been creating network zone incorrectly, since I am getting some strange errors in there default routers when all interfaces are on the same subnet.
So, to create a simple network zone I thought both were valid.
Option 1) Specify IP at first boot via sysconfig: set ip-type=exclusive add anet set linkname=net0 set lower-link=auto set configure-allowed-address=false
Option 2) Specify IP in zone information, so that it can be changed at ant time easily: set ip-type=exclusive add anet set linkname=net0 set lower-link=auto set allowed-address=193.x.x.x set configure-allowed-address=true
But option 2 with Solaris 11.1 now gives we strange results in the routing table.
Edited by: qwe25256 on Dec 13, 2012 5:51 AM (Hit save to quickly last time)
Well after some work I tracked the problem down to the way the zone is confured in Solaris 11.1. This problem occurres only when you are using a single subnet.
When you specify the network address in the zone configuration file (allowed-address=nn.nn.nn.nn) then you get a different default router in the zone as you do in the global zone. Not sure if this is a bug or the way it does it, since it works differently in Solaris 11.0
To get over this and may be the correct way, I now specify all network IP information in the zone via the sysconfig, which works. I prefered the other way, since I could swap an IP address of a zone via zonecfg and then a quick reboot of the zone.
I have a Oracle Call already open so I will try to pin down if this is a bug or not.
Oracle gave me the solution. I was missing the mask on the IP address. If you want to add the IP and router in the zone configuration file, then the solution is as follow: set ip-type=exclusive add anet set linkname=net0 set lower-link=auto set allowed-address=193.10.10.x/24 set defrouter=184.108.40.206 set configure-allowed-address=true
Probably a little off-topic.
If you have more network interfaces in NGZ and at least one of them was set with configure-allowed-address=false (you have mentioned it as Option 1), then you will have more weird results after zone boots: this will prevent other network interface (which were added after the mentioned interface) creation in non-global zones.
We have an opened CR 16538240 on that problem (Solaris 11 zones property "configure-allowed-address" impacting for others anets)