Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Oracle Solaris Zones, Oracle Solaris 10 Containers, and Resource Management Oracle Solaris 11 Express 11/10 |
Part I Oracle Solaris Resource Management
1. Introduction to Resource Management
2. Projects and Tasks (Overview)
3. Administering Projects and Tasks
4. Extended Accounting (Overview)
5. Administering Extended Accounting (Tasks)
6. Resource Controls (Overview)
7. Administering Resource Controls (Tasks)
8. Fair Share Scheduler (Overview)
9. Administering the Fair Share Scheduler (Tasks)
10. Physical Memory Control Using the Resource Capping Daemon (Overview)
11. Administering the Resource Capping Daemon (Tasks)
13. Creating and Administering Resource Pools (Tasks)
14. Resource Management Configuration Example
15. Introduction to Oracle Solaris Zones
16. Non-Global Zone Configuration (Overview)
17. Planning and Configuring Non-Global Zones (Tasks)
18. About Installing, Halting, Uninstalling, and Cloning Non-Global Zones (Overview)
19. Installing, Booting, Halting, Uninstalling, and Cloning Non-Global Zones (Tasks)
20. Non-Global Zone Login (Overview)
21. Logging In to Non-Global Zones (Tasks)
22. Moving and Migrating Non-Global Zones (Tasks)
23. About Packages on an Oracle Solaris 11 Express System With Zones Installed
24. Oracle Solaris Zones Administration (Overview)
Global Zone Visibility and Access
Process ID Visibility in Zones
Reporting Active Zone Statistics with the zonestat Utility
File Systems and Non-Global Zones
Mounting File Systems in Zones
Unmounting File Systems in Zones
Security Restrictions and File System Behavior
Non-Global Zones as NFS Clients
Use of mknod Prohibited in a Zone
Restriction on Accessing A Non-Global Zone From the Global Zone
Networking in Shared-IP Non-Global Zones
IP Traffic Between Shared-IP Zones on the Same Machine
Oracle Solaris IP Filter in Shared-IP Zones
IP Network Multipathing in Shared-IP Zones
Networking in Exclusive-IP Non-Global Zones
Exclusive-IP Zone Partitioning
Exclusive-IP Data-Link Interfaces
IP Traffic Between Exclusive-IP Zones on the Same Machine
Device Use in Non-Global Zones
/dev and the /devices Namespace
Utilities That Do Not Work or Are Modified in Non-Global Zones
Utilities That Do Not Work in Non-Global Zones
SPARC: Utility Modified for Use in a Non-Global Zone
Running Applications in Non-Global Zones
Resource Controls Used in Non-Global Zones
Fair Share Scheduler on a System With Zones Installed
FSS Share Division in a Global or Non-Global Zone
Extended Accounting on a System With Zones Installed
Privileges in a Non-Global Zone
Using IP Security Architecture in Zones
IP Security Architecture in Shared-IP Zones
IP Security Architecture in Exclusive-IP Zones
Using Oracle Solaris Auditing in Zones
Running DTrace in a Non-Global Zone
About Backing Up an Oracle Solaris System With Zones Installed
Backing Up Loopback File System Directories
Backing Up Your System From the Global Zone
Backing Up Individual Non-Global Zones on Your System
Creating Oracle Solaris ZFS Backups
Determining What to Back Up in Non-Global Zones
Backing Up Application Data Only
General Database Backup Operations
About Restoring Non-Global Zones
Commands Used on a System With Zones Installed
25. Administering Oracle Solaris Zones (Tasks)
26. Troubleshooting Miscellaneous Oracle Solaris Zones Problems
Part III Oracle Solaris 10 Zones
27. Introduction to Oracle Solaris 10 Zones
28. Assessing an Oracle Solaris 10 System and Creating an Archive
30. Configuring the solaris10 Branded Zone
31. Installing the solaris10 Branded Zone
32. Booting a Zone and Zone Migration
33. solaris10 Branded Zone Login and Post-Installation Configuration
An exclusive-IP zone has its own IP-related state and tuning variables. The zone is assigned its own set of data-links when the zone is configured.
For information on features that can be used in an exclusive-IP non-global zone, see Exclusive-IP Non-Global Zones. For information on tuning IP ndd variables, see Oracle Solaris Tunable Parameters Reference Manual.
Exclusive-IP zones have separate TCP/IP stacks, so the separation reaches down to the data-link layer. One or more data-link names, which can be a NIC or a VLAN on a NIC, are assigned to an exclusive-IP zone by the global administrator. The zone administrator can configure IP on those data-links with the same flexibility and options as in the global zone.
A data-link name must be assigned exclusively to a single zone.
The dladm show-link command can be used to display data-links assigned to running zones.
For more information, see dladm(1M)
There is no internal loopback of IP packets between exclusive-IP zones. All packets are sent down to the data-link. Typically, this means that the packets are sent out on a network interface. Then, devices like Ethernet switches or IP routers can forward the packets toward their destination, which might be a different zone on the same machine as the sender.
You have the same IP Filter functionality that you have in the global zone in an exclusive-IP zone. IP Filter is also configured the same way in exclusive-IP zones and the global zone.
IP network multipathing (IPMP) provides physical interface failure detection and transparent network access failover for a system with multiple interfaces on the same IP link. IPMP also provides load spreading of packets for systems with multiple interfaces.
The data-link configuration is done in the global zone. First, multiple data-link interfaces are assigned to a zone using zonecfg. The multiple data-link interfaces must be attached to the same IP subnet. IPMP can then be configured from within the exclusive-IP zone by the zone administrator.