Some things are reasonably obvious in hindsight. This was one of them.
I've been consolidating some old applications into
zones on a
Solaris server.
Some of them were on physical servers, some were already in zones on other hardware. It turned out that the applications I was consolidating lived on two different subnets, and I didn't really want to go to the trouble of changing IP addresses.
No problem. The
T5140 I was using has multiple interfaces, so I connected one of the unused interfaces to the second subnet and gave it an address (the server's primary interface was already in the first subnet I was using).
Then configure up the zones, remembering that you need to choose the correct network device depending on which subnet the zone is in.
And the zones didn't work. Bother. What did I forget? This:
At least one of the network interfaces used by a zone needs to have a default route associated with it.Specifically, that second network interface needs to have a default route added to it. For the main host, it didn't matter - it will route packets over whichever interface it needs to. But if a zone is only associated with the second network interface, it can't use the default route associated with the first interface.
I add routes explicitly, so just a quick manual
route add net default 10.2.3.254
to add a default route for the second interface did the trick - you can have multiple default routes and Solaris will always use the right one.
To make this permanent, just add multiple lines to the
/etc/defaultrouter
file.