Solaris : No ping to logical Zone interface

I have the following issue on Solaris 11 Express.

I have a 1 running zone named Zone1, that I want to add a new interface to.

I bring up the interface bnx1:

ifconfig bnx1 plumb

Assign the address to the interface and bind it to the zone:

ifconfig bnx1 addif 172.16.13.11/16 zone Zone1 up

Check the ifconfig output:

bnx1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 0.0.0.0 netmask ffffffff 
        ether 84:2b:2b:76:a1:88 
bnx1:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        zone Zone1
        inet 172.16.13.11 netmask ffff0000 broadcast 172.16.255.255

Check the ARP table:

# arp -a
Net to Media Table: IPv4
Device   IP Address               Mask      Flags      Phys Addr
------ -------------------- --------------- -------- ---------------
bnx1   172.16.13.11         255.255.255.255 SPLA     84:2b:2b:76:a1:88
bnx0   172.16.13.10         255.255.255.255 SPLA     84:2b:2b:76:a1:86

At this point I have no ping the address:

ping 172.16.13.11
no answer from 172.16.13.11

Than I unplumb the Zone1 interface:

ifconfig bnx1:1 unplumb

Creating the logical interface w/o binding to the Zone1:

ifconfig bnx1 addif 172.16.13.11/16 up

Check the ifconfig output:

bnx1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 0.0.0.0 netmask ffffffff 
        ether 84:2b:2b:76:a1:88 
bnx1:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 5
        inet 172.16.13.11 netmask ffff0000 broadcast 172.16.255.255

Check the ARP table:

# arp -a 
Net to Media Table: IPv4
Device   IP Address               Mask      Flags      Phys Addr
------ -------------------- --------------- -------- ---------------
bnx1   172.16.13.11         255.255.255.255 SPLA     84:2b:2b:76:a1:88
bnx0   172.16.13.10         255.255.255.255 SPLA     84:2b:2b:76:a1:86

And now I do have a ping:

# ping 172.16.13.11
172.16.13.11 is alive

Can you tell me what did I miss ?

Thanks !

Best Answer

My guess is that in the first case, the network stack is sending a ping out on bnx0 and not receiving a reply because bnx1 is not connected to the same network. In the second case, the ping is short-circuited through the network stack so it succeeds immediately.

In general I would not recommend using multiple interfaces on the same subnet in this way. If you need redundancy, use LACP (if your switch supports it) or IPMP. If you need traffic isolation, use a different subnet for bmz1. If you need neither, just add a new virtual interface to bmz0 instead of bmz1.

Best Answer

Related Solutions

TCP tunable parameters in Solaris non-global zone

Disk I/O issue with Solaris Zone

Related Topic