Skip Navigation Links | |
Exit Print View | |
Trusted Extensions Configuration Guide Oracle Solaris 10 8/11 Information Library |
1. Security Planning for Trusted Extensions
2. Configuration Roadmap for Trusted Extensions
3. Adding Trusted Extensions Software to the Oracle Solaris OS (Tasks)
4. Configuring Trusted Extensions (Tasks)
5. Configuring LDAP for Trusted Extensions (Tasks)
6. Configuring a Headless System With Trusted Extensions (Tasks)
B. Using CDE Actions to Install Zones in Trusted Extensions
Associating Network Interfaces With Zones by Using CDE Actions (Task Map)
Specify One IP Address for the System by Using a CDE Action
Preparing to Create Zones by Using CDE Actions (Task Map)
Specify Zone Names and Zone Labels by Using a CDE Action
Creating Labeled Zones by Using CDE Actions (Task Map)
Install, Initialize, and Boot a Labeled Zone by Using CDE Actions
Resolve Local Zone to Global Zone Routing in Trusted CDE
Customize a Booted Zone in Trusted Extensions
Use the Copy Zone Method in Trusted Extensions
Use the Clone Zone Method in Trusted Extensions
In this configuration, the host's address applies only to the global zone. Labeled zones share a second IP address with the global zone.
Before You Begin
You are superuser in the global zone. The system has already been assigned two IP addresses. You are in a Trusted CDE workspace.
This folder contains actions that set up interfaces, LDAP clients, and labeled zones.
Note - The system must already have been assigned two IP addresses. For this action, provide the second address and a host name for that address. The second address is the shared address.
Hostname: Type the name for your labeled zones interface IP Address: Type the IP address for the interface
This action configures a host with more than one IP address. The IP address for the global zone is the name of the host. The IP address for a labeled zone has a different host name. In addition, the IP address for the labeled zones is shared with the global zone. When this configuration is used, labeled zones are able to reach a network printer.
Tip - Use a standard naming convention for labeled zones. For example, add -zones to the host name.
# ifconfig -a
For example, the following output shows a shared logical interface, hme0:3 on network interface 192.168.0.12 for the labeled zones. The hme0 interface is the unique IP address of the global zone.
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 inet 127.0.0.1 netmask ff000000 ether 0:0:00:00:00:0 hme0: flags=1000843<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet 192.168.0.11 netmask fffffe00 broadcast 192.168.0.255 hme0:3 flags=1000843<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 all-zones inet 192.168.0.12 netmask fffffe00 broadcast 192.168.0.255
Starting in the Solaris 10 10/08 release, the loopback interface, lo0, is also an all-zones interface:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1 all-zones inet 127.0.0.1 netmask ff000000 ether 0:0:00:00:00:0 ...