Does Solaris 10 optimize socket communication between processes that
are running on different (local or the global) zones on a single
physical host?

Say on my sun box I have a single NIC and I have configured virtual IP
addresses so that I can run 1 global zone & 2 local zones ("zone1" and
"zone2").
If I ping zone1 from zone2, do the packets actually travel outside the
machine and back again?
My thought is that they do not but I am not able to find a proper
documentation where it says so.

Would the answer change if I have multiple NICs, one for each zone?

TIA.

On May 18, 2:29 pm, Amol Vaikar <amol.vai...@gmail.com> wrote:

>
> Say on my sun box I have a single NIC and I have configured virtual IP
> addresses so that I can run 1 global zone & 2 local zones ("zone1" and
> "zone2").
> If I ping zone1 from zone2, do the packets actually travel outside the
> machine and back again?

No, I'm pretty sure they don't (actually I'm absolutely sure, but I
haven't actually checked).  One symptom of this is that firewalling
etc does not work between zones (which is something I understand is
being fixed in some later release!)

--tim

Hi Amol,


> Does Solaris 10 optimize socket communication between processes that
> are running on different (local or the global) zones on a single
> physical host?

if you take a look in the global process table, you can see all 
processes fromn all zones. So the "nonglobal" processes are only 
different in the "flag" called zonename (global vs. $ZONE) and some less 
privileges. So the answer to your question is: yes, Solaris does.


> If I ping zone1 from zone2, do the packets actually travel outside the
> machine and back again?

You're right with your thought (not quoted), the packages don't travel 
outside. Because right now all zones interfaces are logical ones and 
Solaris routes them through the loopback, they are not on the line.

 > Would the answer change if I have multiple NICs, one for each zone?

I'm quite sure that this will make no difference, but I haven't verify 
that until now.

If you are interested in Zones networking, take a look at the crossbow 
project in Open Solaris. There you can define a virtual ( != logical) 
interface for zones, this will make some things much easier (i.e. 
bandwith-controlling)in futere Solaris 10 releases.

> TIA.

HTH,

Michael Weis

In article <1179494999.883737.63230@l77g2000hsb.googlegroups.com>,
	Amol Vaikar <amol.vaikar@gmail.com> writes:
> Does Solaris 10 optimize socket communication between processes that
> are running on different (local or the global) zones on a single
> physical host?

Yes.
It even avoids things like generating TCP checksums on such traffic.

> Say on my sun box I have a single NIC and I have configured virtual IP
> addresses so that I can run 1 global zone & 2 local zones ("zone1" and
> "zone2").
> If I ping zone1 from zone2, do the packets actually travel outside the
> machine and back again?

No.

> My thought is that they do not but I am not able to find a proper
> documentation where it says so.

This is really nothing much to do with Zones. Traffic addressed
to a local NIC is always looped inside the OS, and in Solaris
this is done through the loopback interface (which is built inside
IP, so it doesn't even go down to a NIC driver).

The original ethernet interfaces were all half duplex and it would
not have possible to transmit and receive at the same time, so you
couldn't receive the data you transmitted.

> Would the answer change if I have multiple NICs, one for each zone?

No.

-- 
Andrew Gabriel
[email address is not usable -- followup in the newsgroup]