Enabling New Network Interface

Description:

This procedure describes how to enable a new network interface to the an existing zone configuration without rebuilding the zone.

Prerequisites:	Access to the global zone server. Zone must be in the Installed.
Notes:	A new interface may also be enabled to an existing zone by using `ifconfig` command, but will not be a permanent part of the zone configuration. To use any network interface with a local zone, the interface must be plumbed (e.g. `ifconfig <interface> plumb`) in the global zone. If no network is assigned on the global zone to an existing network, its default address will be `inet 0.0.0.0 netmask 0`.
References:	Solaris Containers-Resource Management and Solaris Zones ()

Step Action Description

1 Use zonecfg -z <zone name>

# /usr/sbin/zonecfg -z <zone name>

On the global zone, add the new interface to the zone using zonecfg -z <zonename>.

global# /usr/sbin/zonecfg -z test 
zonecfg -z test
zonecfg:test> add net
zonecfg:test:net> set physical=bge1
zonecfg:test:net> set address=10.12.13.14
zonecfg:test:net> info
net:
        address: 10.12.13.14 
        physical: bge1
zonecfg:test:net> end
zonecfg:test> test
zonepath: /zones/test
autoboot: true
pool: 
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
inherit-pkg-dir:
        dir: /opt/sfw
net:
        address: 192.168.3.26/24
        physical: bge0
net:
        address: 10.12.13.14/24
        physical: bge1
zonecfg:test> exit
global# cat test.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE zone PUBLIC "-//Sun Microsystems Inc//DTD Zones//EN"
                            "file:///usr/share/lib/xml/dtd/zonecfg.dtd.1">
<!--
    DO NOT EDIT THIS FILE.  Use zonecfg(1M) instead.
-->
<zone name="lqwdev" zonepath="/zones/lqwdev" autoboot="true">
  <inherited-pkg-dir directory="/lib"/>
  <inherited-pkg-dir directory="/platform"/>
  <inherited-pkg-dir directory="/sbin"/>
  <inherited-pkg-dir directory="/usr"/>
  <inherited-pkg-dir directory="/opt/sfw"/>
  <network address="192.168.3.26/24" physical="bge0"/>
  <network address="10.12.13.14/24" physical="bge1"/>
</zone>
global#

2 Use zonecfg -z <zone name> remove net physical=<interface name>

# /usr/sbin/zonecfg -z <zone name> remove net physical=<interface name>

On the global zone, remove the old interface on the zone using zonecfg -z <zonename> remove net physical=<interface name>.

global# /usr/sbin/zonecfg -z test
zonecfg:test> info
zonepath: /zones/test
autoboot: true
pool: 
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
inherit-pkg-dir:
        dir: /opt/sfw
net:
        address: 192.168.3.26/24
        physical: bge0
net:
        address: 10.12.13.14/24
		      physical: bge1
zonecfg:test> remove net physical=bge0
zonecfg:test> zonecfg:test> info
zonepath: /zones/test
autoboot: true
pool:
inherit-pkg-dir:
        dir: /lib
inherit-pkg-dir:
        dir: /platform
inherit-pkg-dir:
        dir: /sbin
inherit-pkg-dir:
        dir: /usr
inherit-pkg-dir:
        dir: /opt/sfw
net:
        address: 10.12.13.14/24
        physical: bge1
zonecfg:test> exit
global#

3 Use zoneadm -z <zone name> reboot

# /usr/sbin/zoneadm -z <zone name> reboot

On the global zone, use the zoneadm -z <zone name> reboot to enable the new network in the updated zone configuration.

global# /usr/sbin/zoneadm -z test reboot
global# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        inet 127.0.0.1 netmask ff000000 
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone test
        inet 127.0.0.1 netmask ff000000 
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
        zone test2
        inet 127.0.0.1 netmask ff000000 
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        inet 192.168.3.32 netmask ffffff00 broadcast 192.168.3.255
        ether 0:9:3d:13:e:5 
bge0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone test
        inet 192.168.3.25 netmask ffffff00 broadcast 192.168.3.255
bge1:   flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
        zone test
        inet 10.12.13.14/24 netmask ffffff00 broadcast 10.12.13.255	
global#

Notes:

If the interface is configured wrong and connot be enabled, an error meesage will be generated and the zone will not change states from "installed" to "running".

You may also temporarily enable a new interface in the zone using the zlogin command as the console user with ifconfig -a on the zone to plumb and unplumb the network interfaces.

myzone# ifconfig bge0:2 unplumb 
myzone# ifconfig bge1:0 plumb
myzone# ifconfig bge1 10.12.13.14 netmask 255.255.255.0 broadcast 10.12.13.255 zone test up
myzone#

But this network zone configuration is only temporary and will only be valid until the system is rebooted.

Click for more info