How to Verify the Exclusive IP Zone Over VNIC Configuration

After you complete zone configuration, confirm that the zones and VNICs are now configured as you expected.

Before You Begin

The procedures in this task assume that you have installed and configured two or more exclusive IP zones over a VNIC. If you have not done this, perform the following procedures, in sequential order:

• How to Create an Exclusive IP Zone Over a VNIC

• How to Install the Exclusive IP Zone on a VNIC

• How to Configure an Exclusive IP Zone Over a VNIC Through the Zone Console or How to Manually Configure the VNIC and Exclusive IP Zone

1. On the system where you build the virtual network, become superuser or assume the equivalent root role in the global zone.

   To create and assign the root role, see How to Make root User Into a Role in System Administration Guide: Security Services.

2. Go to the parent directory for all zones that you created.

   You supply this directory to the zonecfg command as the first part of the zone path.

   # cd parent-zone-path

   For example, to access the parent directory for both zones created in the procedure How to Create an Exclusive IP Zone Over a VNIC, type:

   # cd /export/home

   If the parent directory for the zones does not exist, check your zone configuration.

3. Verify that the zone home directory trees exist in the correct parent directory in the global zone.

   # pwd /export/home # ls zone-name

   For example, to verify that the zone subdirectories have been created in the parent /export/home directory, in the global zone, type:

   # ls zone1 zone2

   The subdirectories for the two new zones have been created. If these subdirectories do not exist, check your zone configuration.

4. Verify that the hostname.vnic-name file exists and that its entry is correct.

   Each VNIC that you configure for a zone requires a hostname.vnic-name file to ensure that the IP address of the VNIC and zone persist after reboots. First, verify that a hostname.vnic-name file exists:

   cd /export/home/zone-name/root/etc # ls host* hostname.vnic1 hosts

   This output indicates that a hostname.vnic1 file exists. The file should contain one entry with the name of the zone, for example:

   cat hostname.vnic1 zone1

   If this file does not exist, create it as shown in How to Manually Configure the VNIC and Exclusive IP Zone.

5. Check the contents of the zone's hosts file.

   # pwd /export/home/zone-name/root/etc/ # cat hosts # Internet host table # ::1 localhost 127.0.0.1 localhost 192.168.3.20 zone1 loghost

   In this output, the entry 192.168.3.20 zone1 loghost shows the address that is assigned to the VNIC for zone1. Your output should have a similar entry for the zone and VNIC.

   If this file does not have an entry for the zone, refer to the appropriate step in How to Manually Configure the VNIC and Exclusive IP Zone.

6. Add the IP addresses of the VNICs and names of their associated zones to the /etc/inet/hosts file in the global zone.

   ---

   Note –

   Be sure that you are in the hosts file for the global zone, not the host file in a subdirectory tree for a zone.

   ---

   # cd /etc/inet # vi hosts # Internet host table # ::1 localhost 127.0.0.1 localhost 192.168.3.70 myhost loghost

   The only non-loopback IP address in this output is 192.168.3.70, the address associated with the system's network interface. Add entries for all VNICs associated with zones to this file, using the following format:

   VNIC-IP-address zone-name- IP address

   For example, you would type the following entry for vnic1 and zone1:

   192.168.3.20 zone1-192-168-3-20

7. Log in to the new zone and verify that you are in its home directory:

   For example, for zone1 you would type:

   # zlogin zone1 # pwd /

   You are now in the root directory of zone1. If you cannot log in to the zone, check your zone configuration.

8. Verify that the VNIC you previously defined for the zone is now configured as an IP interface.

   Your output should resemble the following:

   # ifconfig -a lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 vnic1: flags=201000842<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2 inet 192.168.3.20 netmask ffffff00 broadcast 192.168.3.255 ether 2:8:20:54:f4:74

   In the output, vnic1 is configured with the IP address that you specified during zone configuration. vnic1 also has an automatically generated unique MAC address ether 2:8:20:54:f4:74 . Note that there are no entries for the system's network interfaces or for VNICs that are configured for other zones.

   If you do not have an entry for the VNIC associated with the zone, you need to plumb the VNIC. In particular, you will have these results if you chose not to perform initial VNIC configuration from the zone console. For instructions for plumbing the VNIC, refer to the appropriate step in How to Manually Configure the VNIC and Exclusive IP Zone.

9. Exit the current zone.

   Return to the global zone, where you can repeat the previous steps to confirm that all VNICs and zones are properly configured.

Next Steps

You can use various tools to observe network traffic and take statistics on zone usage.

• To verify that your network is properly configured, refer to Verifying Virtual Network Connectivity

• To observe traffic over the virtual network, refer to How to Verify Virtual Network Connectivity by Using the snoop Command.

• To obtain statistics for accounting purposes, refer to Gathering Usage Statistics for VNICs and Flows.

If you need to disassemble the virtual network, refer to How to Remove the Virtual Network Without Removing the Zones.