Go to main content

Creating and Using Oracle® Solaris Kernel Zones

Exit Print View

Updated: August 2021

Managing Kernel Zone Network Devices and Configuration

Kernel zones provide network access in kernel zones by adding net or anet resources. See Configurable Resource Types and Global Properties in Oracle Solaris Zones Configuration Resources for more information about these two resource types.

Note -  Best practice is to use an anet resource with kernel zones.

Kernel zones must be exclusive-IP zones. For information about exclusive-IP zones, see Networking in Exclusive-IP Non-Global Zones in Creating and Using Oracle Solaris Zones.

You can supply additional MAC addresses to support running native (solaris) zones inside a kernel zone. See Managing Non-Global Zones in Kernel Zones for more information.

You can optionally specify a network device ID to identify the VNIC address from inside the zone and determine the order in which the network interfaces are presented to the kernel zone. This process is similar to moving a NIC from one physical slot to another.

Example 12  Adding Network Devices to a Kernel Zone

This example shows how to add a network device to the kernel zone kzone1. The ID of 3 specifies the order in which the new anet interface is presented to the kernel zone. After booting the zone, the dladm show-phys -i command shows information about implicitly created physical links in the kernel zone. The value in the ID column matches the ID that you set with zonecfg.

global$ pfbash zonecfg -z kzone1
zonecfg:kzone1> add anet
zonecfg:kzone1:anet> set id=3
zonecfg:kzone1:anet> info
anet 1:
        id: 3
zonecfg:kzone1:anet> end ; exit

global$ zoneadm -z kzone1 boot
global$ zlogin kzone1 dladm show-phys -i
LINK            MEDIA         ID        DEVICE       ACTIVE       STANDBY
net0            Ethernet      anet:0    vnic1000     --           zvnet0
net1            Ethernet      anet:3    vnic1001     --           zvnet1
Example 13  Removing Network Devices From a Kernel Zone

This example shows how to remove a network device from the kernel zone kzone1. The information about the existing anet resources is listed and the anet device with the ID of 1 is deleted.

global$ pfbash zonecfg -z kzone1 info anet
        configure-allowed-address: true
        id: 0
        configure-allowed-address: true
        id: 1

global$ zonecfg -z kzone1 remove anet id=1