Thursday, September 15, 2016

the fabled ipv6 sol 10 post

 IPv6 in Shared-Stack Zones  
 By user12618912 on Oct 08, 2009  
   
 I was recently at an OpenSolaris user-group meeting where a question was asked regarding how IPv6 could be used from a shared-stack zone. For the benefit of anyone who has a similar question, here is an example of a working configuration:   
   
 bash-3.2# zoneadm list -iv  
  ID NAME       STATUS   PATH              BRAND  IP    
   0 global      running  /               native  shared  
   - test       installed /export/home/test       native  excl   
   - test2      installed /export/home/test2       native  shared  
 The exclusive-stack zone "test" has all of its own networking configured within it, so IPv6 inherently just works there. The question, however, was about shared-stack, and so I setup the "test2" zone to demonstrate this.   
   
 bash-3.2# zonecfg -z test2  
 zonecfg:test2> add net  
 zonecfg:test2:net> set physical=e1000g0  
 zonecfg:test2:net> set address=fe80::1234/10  
 zonecfg:test2:net> end  
 zonecfg:test2> add net  
 zonecfg:test2:net> set physical=e1000g0  
 zonecfg:test2:net> set address=2002:a08:39f0:1::1234/64  
 zonecfg:test2:net> end  
 zonecfg:test2> verify  
 zonecfg:test2> commit  
 zonecfg:test2> exit  
 bash-3.2# zonecfg -z test2 info  
 zonename: test2  
 zonepath: /export/home/test2  
 brand: native  
 ...  
 net:  
  address: 10.8.57.111/24  
  physical: e1000g0  
  defrouter not specified  
 net:  
  address: fe80::1234/10  
  physical: e1000g0  
  defrouter not specified  
 net:  
  address: 2002:a08:39f0:1::1234/64  
  physical: e1000g0  
  defrouter not specified  
 Here I configured a link-local address fe80::1234/10, and a global address 2002:a08:39f0:1::1234/64. Each interface within each zone requires a link-local address for use with neighbor-discovery, and the global address is the address used for actual IPv6 communication by applications and services. The global address' prefix is one that is configured on the link to which the interface is connected. In the zone, we end up with:  
   
 bash-3.2# zlogin test2 ifconfig -a6  
 lo0:1: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu 8252 index 1  
  inet6 ::1/128   
 e1000g0:2: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 2  
  inet6 fe80::1234/10   
 e1000g0:3: flags=2000841<UP,RUNNING,MULTICAST,IPv6> mtu 1500 index 2  
  inet6 2002:a08:39f0:1::1234/64   
 The global zone has IPv6 connectivity using this same prefix as well as a default IPv6 route: [2]  
   
 bash-3.2# netstat -f inet6 -rn  
   
 Routing Table: IPv6  
  Destination/Mask      Gateway          Flags Ref  Use  If    
 --------------------------- --------------------------- ----- --- ------- -----   
 2002:a08:39f0:1::/64    2002:a08:39f0:1:214:4fff:fe1e:1e72 U    1    0 e1000g0:1   
 fe80::/10          fe80::214:4fff:fe1e:1e72  U    1    0 e1000g0   
 default           fe80::1           UG   1    0 e1000g0   
 ::1             ::1             UH   1   21 lo0    
 From the non-global zone, we have IPv6 connectivity:  
   
 bash-3.2# zlogin test2 ping -sn 2002:8194:aeaa:1:214:4fff:fe70:5530  
 PING 2002:8194:aeaa:1:214:4fff:fe70:5530 (2002:8194:aeaa:1:214:4fff:fe70:5530): 56 data bytes  
 64 bytes from 2002:8194:aeaa:1:214:4fff:fe70:5530: icmp_seq=0. time=4.654 ms  
 64 bytes from 2002:8194:aeaa:1:214:4fff:fe70:5530: icmp_seq=1. time=2.632 ms  
 64 bytes from 2002:8194:aeaa:1:214:4fff:fe70:5530: icmp_seq=2. time=2.501 ms  
 64 bytes from 2002:8194:aeaa:1:214:4fff:fe70:5530: icmp_seq=3. time=2.571 ms  
 \^C  
 ----2002:8194:aeaa:1:214:4fff:fe70:5530 PING Statistics----  
 4 packets transmitted, 4 packets received, 0% packet loss  
 round-trip (ms) min/avg/max/stddev = 2.501/3.090/4.654/1.044  

No comments: