-
oninoshiko
jason123onirc: well, that depends. if you're using exclusive-ip zone mine looks something like this (I didn't set the mac, it did that on it's own):
dpaste.org/65bo1
-
oninoshiko
in your case, global-nic is going to be your physical nic
-
oninoshiko
(the VM I pulled that from used an etherstub)
-
oninoshiko
I'm afraid I don't know the other types though
-
jason123onirc
oninoshiko: I used 10.0.1.1 because that is what I saw online but is it better to use 192.168.2.1 instead
-
oninoshiko
you just need to use whatever your network is useing
-
oninoshiko
both are nonroutable IPs, so they'll need to be NATed
-
nahamu
When is the r54 freeze?
-
jason123onirc
So if my network is 192.168.1.1 then I can use 192.168.2.1 for the zone?
-
tomww
depends on you netmask and if you want internet access (given that your IP router offerst to route 192.168.1.1 to 192.168.1.254 to the internet
-
ik5pvx
/n/13
-
jason123onirc
I want internet on the zone but want it to be on its own internal ip
-
sommerfeld
jason123onirc: really depends on how the rest of your network is set up. what you'd do on a typical home network with ISP router might differ from what you'd do on a VPS or colo'ed machine in a datacenter.
-
jason123onirc
yeah that makes sense
-
sommerfeld
on a home network, it's perhaps easiest to create a vnic over your physical nic and let it get an address via dhcp from your router outside the box.
-
jason123onirc
so I have to give it an ip that my router can control?
-
sommerfeld
you could also put the zone's vnic on an etherstub and have the global zone act as NAT for the non-global zone(s)
-
jason123onirc
what ip would I use if i want to do nat?
-
sommerfeld
jason123onirc: again, depends on your home network config. if you can control the range of addresses given out by your router's DHCP server you can statically assign an address outside the router's pool.
-
sommerfeld
jason123onirc: if you want to do double-nat (with nat on your router and again on your global zone) you could pick any rfc1918 subnet not used by your existing network.
-
sommerfeld
(rfc1918 = 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8 and smaller subnets of those networks)
-
jason123onirc
I have it set as
-
jason123onirc
"allowed-address" : "192.168.0.101/16",
-
jason123onirc
"defrouter" : "192.168.0.0",
-
jason123onirc
but its not giving the zone internet access
-
sommerfeld
what physical nic is the zone's vnic on top of?
-
sommerfeld
defrouter shouldn't be set in zonecfg for an exclusive stack zone; you have to set the zone and route from inside the zone
-
sommerfeld
excuse me, you have to set the address and route from inside the zone (either ipadm static or dhcp)
-
tsoome
192.168.0.0 doe not look like node address
-
sommerfeld
that, too.
-
jason123onirc
would it be 192.168.0.1?
-
tsoome
yep
-
jason123onirc
ok
-
sommerfeld
or 192.168.1.254
-
tsoome
first address is network, last is broadcast
-
sommerfeld
or whatever your first-hop router's address is
-
jason123onirc
and then i set it inside of the zone?
-
sommerfeld
yes, zlogin to zone, and set with ipadm
-
jason123onirc
my router is on 192.168.1.1 but i want to do nat on the zone
-
sommerfeld
then you need to setup ipnat in the global zone, put the vnic on top of an etherstub, give the global zone an address on the etherstub, turn on ip forwarding, and point the zone's default route at the global zone's address on the etherstub
-
jason123onirc
i try to create a static ip from inside the zone and it says
-
jason123onirc
ipadm: Could not create address: Operation not permitted on from-gz interface
-
tsoome
what ip-type is configured in zone?
-
jason123onirc
it says from-gz
-
tsoome
you need to check from global zone, either zonecfg -z zonename info or see from xml
file:)
-
jason123onirc
If I set a allowed address outside of my dhcp then it fails but I will try if it works to configure it inside the zone
-
jason123onirc
I am just trying to get internet access working