Oracle Solaris data link protection can also be applied individually to all Oracle Solaris non-global zones deployed within the SuperCluster environment.
Ensure that the list of allowed IP address is accurate and complete. The list must include any virtual IP addresses used by Oracle Solaris IPMP, Oracle Real Application Clusters, and so on. Also note that changes made to the SuperCluster non-global zone configuration do not take effect until after the non-global zone is restarted. For more information, refer to the Oracle Solaris zonecfg(1M) man page.
# zonecfg –z zonename zonecfg:zonename> select anet linkname=network-link-name zonecfg:zonename:anet> set allowed-address="list_of_allowed_IP_addresses" zonecfg:zonename:anet> set link-protection=mac-nospoof,ip-nospoof,restricted zonecfg:zonename:anet> set configure-allowed-address=false zonecfg:zonename:anet> end zonecfg:zonename> commit zonecfg:zonename> exit