beautypg.com

Sun Microsystems SOLARIS 10 User Manual

Page 98

background image

Version 3.1-en

Solaris 10 Container Guide - 3.1 5. Cookbooks

Effective: 30/11/2009

5.2.7.8. Connection of zones via external routers using the shared IP instance
[dd/ug] A web server in zone1 is contacted from the internet and needs the application server in
zone2 to fulfill the orders.

Zone1 should be connected to the internet through a separate network.

The connection from zone1 to zone2 should take place through an external load
balancing router. For reasons of clarity, no additional instances for web and application
servers are contained here.

Direct communication between the local zones should not be possible, but rather through the
external router instead.

Communication between the global zone and the local zones is not intended.

Implementation:

The network interfaces provided for the local zones (bge1, bge2 and bge3) must not
be used elsewhere in the global zone.

To prepare for local zones, the interfaces must be plumbed (but not enabled); thereby, the
interfaces receive the address 0.0.0.0:
ifconfig bge1 plumb down
ifconfig bge2 plumb down
ifconfig bge3 plumb down

The network configuration of the zones is established by setting the zones to the ready
status.
zoneadm -z zone1 ready
zoneadm -z zone2 ready
The addresses listed in the zone configuration are now active.
(zone1: 192.168.201.1,192.168.200.1 and zone2:192.168.202.1)

A default route is specified for communication of the zone zone1 to the internet.
zonecfg:set defrouter=192.168.200.2
In addition, a route is required to the apparent address of zone2 behind the NAT router.
route add 192.168.102.0 192.168.201.2

91

Figure 37: [dd] Zones connected to independent customer networks using exclusive IP instances

bge0 - 192.168.1.1

ip type: shared

Global Zone

bge2 - 192.168.202.1
Def router - 192.168.202.2

ip type: exclusive

Zone 2

bge1 - 192.168.201.1
Def router - 192.168.201.2

ip type: exclusive

Zone 1

192.168.1.0

Network

192.168.101.0

Customer Network

A

NAT
router

192.168.101.201

192.168.201.2

192.168.102.0

Customer Network

B

NAT
router

192.168.102.201

192.168.202.2

See also other documents in the category Sun Microsystems Hardware: