SAN connection to global zone
All,
I currently have the setup below to my solaris 10 zone:
SAN connect to global zone where the mount point locate within non-global zone. SAN connection is place within global zone vfstab file. I run into this problem, the non-global zone will not automatically start when the SAN is connected to global zone at boot.
Please let me know where should I start looking for the cause of this problem.
Thanks for your time.
pnt
Hi MT,
Currently the SAN is connected into the Non-Global zone and they're not automatically mounted when the server is start, otherwise we won't able to connect to our server via ssh. I have it set up as following:
var/zone/non-globalzone/SAN
I tried to connect the SAN into the Global zone alone and let it automount when the global zone is started and still have problem with ssh connection. The ssh connect is turned in maintenance mode if I let the SAN automount from the vfstab. I don't know where to start looking for the problem.
Thanks for your time.
pnt
Similar Messages
-
Hi everyone, i have a question that's probably been asked before and i'm sure many others are interested in knowing the answer.
Is it possible to store non-global zone(s) on a SAN? The idea being that if the server hosting the non-global zone(s) dies, the non-global zone(s) can be brought up on another server that also has access to the same SAN. This is sort of what vmware can do. It would be great if Solaris 10 non-global zones could also do it.
StewartYes it is possible to do this. In fact if you use Sun Cluster (now free) it can be setup so that the zones automatically start on another node within the cluster. Basically any application that can run in a non-global zone can be clustered.
This also helps greatly with resource balancing as you can move zones between servers as needed. Note the zone does have to shutdown as start again but that usually takes less than a minute. -
Zones could not connect Oracle in global zone
Today I tried to install Zones for our customers.
I configed Zone1 and Zone2. Applications running in Zone1 and Zone2 used JDBC to connect to Oracle.
1. Both Zone1 and Zone2 can connect to other Oracle DB servers except the one in global zone.
2. All other clients or machines can connect to the Oracle DB server in the global zone.
So, the Oracle server in the global zone is running and zones network connection is good.
Is this a bug? This is very weird.
Please help me! Thanks.Issue is : Application in Zone1 and Zone2 could not connect Oracle dB in global zone. JDBC error is network adapter error. could not setup connection.
Under zone1 or zone2, i can ping global zone. And I can telnet Oracle listening port.
please help. -
Oracle 10g install is not working on Global zone
We installed Solaris 10 (below) in a T2000 using the same standards we have for many other hosts.After the installation was finished, three zones were exported from a M5000 class machine and imported into this T2000. From inside the zones we can call the Oracle10g installer and the graphical screen is presented. When executing the installed from the Global zone, we can see a java process running, using 100% of a thread, but no graphical interface is presented at all. Checking truss, we see a lot of pollsys being called. Any ideas?
# uname -a
SunOS wgsst2k01 5.10 Generic_127127-11 sun4v sparc SUNW,SPARC-Enterprise-T2000
# memconf -v
memconf: V2.6 06-May-2008 http://www.4schmidts.com/unix.html
hostname: wgsst2k01
banner: SPARC Enterprise T2000 (8-core quad-thread UltraSPARC-T1 1000MHz)
manufacturer: Sun Microsystems, Inc.
model: SPARC-Enterprise-T2000
Sun development codename: Ontario
Sun Family Part Number: SEB
Solaris 10 5/08 s10s_u5wos_10 SPARC, 64-bit kernel, SunOS 5.10
1 8-core quad-thread UltraSPARC-T1 1000MHz cpu, system freq: 200MHz
socket MB/CMP0/CH0/R0/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH0/R0/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH1/R0/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH1/R0/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH2/R0/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH2/R0/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH3/R0/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH3/R0/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH0/R1/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH0/R1/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH1/R1/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH1/R1/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH2/R1/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH2/R1/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH3/R1/D0 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
socket MB/CMP0/CH3/R1/D1 has a 1024MB (1GB) DIMM (address 0x000800000-0x4007fffff)
empty sockets: None
total memory = 16384MB (16GB)Cheers
AndreasThis pretty much says it all:
No connection could be made because the target machine actively refused it.What version of Vista?
What version of the agent? ... 10g is not a version number it is a marketing label
Did you check to see if the agent is compatible with your operating system?
My recommendation would be to get a real operating system: Either Oracle Linux or XP. -
How to enable GUI in a non global zone in solaris11?
How to enable graphical logon in a non global zone in solaris11, so the zone can be login by Xmanager? Thanks!
This guide will cover how to setup a basic VNC connection to a Solaris 11 machine. There is also an optional step to allow for persistent VNC connections.
Step 1
Configure GDM to include ‘[security] DisallowTCP=false’ and ‘[xdmcp] Enable=true’.
$ sudo gedit /etc/gdm/custom.conf
# GDM configuration storage
[daemon]
[security]
DisallowTCP=false
[xdmcp]
Enable=true
[greeter]
[chooser]
[debug]
Step 2
Configure X-Server to accept remote connections.
# svccfg -s application/x11/x11-server
svc:/application/x11/x11-server> setprop options/tcp_listen = boolean: true
svc:/application/x11/x11-server> end
Step 3
Configure the VNC service (you could change the ‘-geometry 1280×720′ to whatever resolution you would like).
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> setprop inetd_start/exec = astring: "/usr/bin/Xvnc -desktop sol11:0 -geometry 1024x768 -inetd -query localhost -once securitytypes=none"
svc:/application/x11/xvnc-inetd> setprop inetd/wait = boolean: true
svc:/application/x11/xvnc-inetd> end
** The line highlighted red is optional – only do this if you want your VNC connection to persist (as well as any potential security issues)
or
# svccfg -s xvnc-inetd
svc:/application/x11/xvnc-inetd> editprop
search for # setprop inetd_start/exec = astring: "/usr/bin/Xvnc
copy the line, uncomment the copy, makethe changes above, write the file out.
svcadm refresh xvnc-inetd
Step 4
Disable and the re-enable the GDM and VNC-inetd services for the changes to take effect.
$ su root
Password:
# svcadm disable gdm xvnc-inetd; svcadm enable gdm xvnc-inetd
If still in maintenance, reboot (I had to, don't know why).
Step 5
Point your favourite VNC client at your Solaris server and test if it accepts your VNC connection – you should be presented with a Username/Password login screen.
If you performed the optional step to make your connections persist – close your favourite VNC client and then reconnect – if you remained logged in you have a persistent connections.
Greg on said:
After a fresh text install of Solaris-11 (11/11) both xvnc-inetd and gdm are not present. After installing them (# pkg install xvnc-inetd gdm) I can’t get gdm to start:
# svcadm enable gdm
# svcs gdm
offline 10:24:03 svc:/application/graphical-login/gdm:default
Any thoughts?
Ron on said:
You are missing some X packages. Do the following:
pkg install slim_install # installs 400+ packages
svcadm enable gdm && exit # gdm now works
pkg uninstall slim_install # uninstalls the installer package only -
Non-global zone sending TCP SYN-ACK packet over wrong interface.
After spending many hours looking at ipmon/ethereal logs, I believe I've found
a explanation (a bug?) for the following strange behaviour (Solaris 10u1):
I've got a non-global zone with Apache2 with dedicated IP and bound to interface e1000g2 of a Sun X4200 box. The global zone has a different dedicated IP bound to a different interface e1000g0.
When I point a browser at the web site, the HTML page often comes up immediately, but sometimes it will hang and only load when I press the reload browser button one or multiple times. This is reproducible with different browsers from different networks with or without DNS resolution. It's reproducible with other non-local zones configured alike and running different TCP based services (namely SSH or non-Apache HTTP).
This is what happens in a failing case (Ethereal client dump "dump_failed.txt" and IPF log "att1.txt" lines 1-3 pp): the incoming TCP SYN comes over interface e1000g2 (correct) and is passed by IPF. However, the non-global zone sends the TCP SYN-ACK package back over interface e1000g0, which is wrong and causes IPF to fail to build a correct state entry. Then, afterwards, the response packets from the webserver will be filtered by IPF, since it has no state entry.
In the success case (Ethereal client dump "dump_success.txt" and IPF log "att1.txt" lines 19-21 pp), the incoming TCP SYN is answered correctly by a TCP SYN-ACK both over interface e1000g2. IPF can build a state entry and all subsequent packets from the webserver reach the client.
=====
The non-global zone has this setup:
zonecfg:ws1> info
...snip...
net:
address: 62.146.25.34
physical: e1000g2
zonecfg:ws1>
=====
The relevant (as of the IPF log) IPF rules are:
rule 1: block out log all
rule 16: pass in log quick proto tcp from any to 62.146.25.34 port = 80 keep state
=====
If I didn't miss an important point, I suspect this to be a bug in Zones and/or IPF.
Any hints?
Thx,
Tobias
"att1.txt":
LINE PACKET_DT PACKET_FS PACKET_IFC RULE_NUMBER RULE_ACTION SOURCE_IP SOURCE_PORT DEST_IP DEST_PORT PROTOCOL TCP_FLAGS
1 08.05.2006 21:24:09 786741 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp S
2 08.05.2006 21:24:09 786863 e1000g0 16 p 62.146.25.34 80 84.56.16.159 60693 tcp AS
3 08.05.2006 21:24:09 808218 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp A
4 08.05.2006 21:24:09 837170 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AP
5 08.05.2006 21:24:09 837189 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
6 08.05.2006 21:24:09 837479 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AP
7 08.05.2006 21:24:12 823801 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AP
8 08.05.2006 21:24:12 823832 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
9 08.05.2006 21:24:13 210039 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AP
10 08.05.2006 21:24:18 839318 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AP
11 08.05.2006 21:24:18 839351 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
12 08.05.2006 21:24:19 970040 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AP
13 08.05.2006 21:24:24 840073 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AF
14 08.05.2006 21:24:30 870503 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AP
15 08.05.2006 21:24:30 870538 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
16 08.05.2006 21:24:33 480059 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
17 08.05.2006 21:24:45 347464 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AF
18 08.05.2006 21:24:45 347498 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
19 08.05.2006 21:24:47 857068 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp S
20 08.05.2006 21:24:47 857118 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp AS
21 08.05.2006 21:24:47 878257 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp A
22 08.05.2006 21:24:47 907630 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp AP
23 08.05.2006 21:24:47 907644 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp A
24 08.05.2006 21:24:47 907892 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp AP
25 08.05.2006 21:24:47 976361 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp AP
26 08.05.2006 21:24:47 976375 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp A
27 08.05.2006 21:24:47 976487 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp AP
28 08.05.2006 21:24:48 127599 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp A
29 08.05.2006 21:24:54 932569 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AFP
30 08.05.2006 21:24:54 932595 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
31 08.05.2006 21:25:00 490052 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
32 08.05.2006 21:25:02 980057 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp AF
33 08.05.2006 21:25:03 1890 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp A
34 08.05.2006 21:25:09 907916 e1000g2 16 p 84.56.16.159 60694 62.146.25.34 80 tcp AF
35 08.05.2006 21:25:09 907949 e1000g2 16 p 62.146.25.34 80 84.56.16.159 60694 tcp A
36 08.05.2006 21:25:42 948502 e1000g2 16 p 84.56.16.159 60693 62.146.25.34 80 tcp AFP
37 08.05.2006 21:25:42 948535 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp A
38 08.05.2006 21:25:54 500051 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
39 08.05.2006 21:26:54 510046 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
40 08.05.2006 21:27:54 520041 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
41 08.05.2006 21:28:54 530040 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
42 08.05.2006 21:29:54 540039 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
43 08.05.2006 21:30:54 550039 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
44 08.05.2006 21:31:54 560041 e1000g2 1 b 62.146.25.34 80 84.56.16.159 60693 tcp AFP
"dump_failed.txt":
No. Time Source Destination Protocol Info
1 0.000000 192.168.1.101 62.146.25.34 TCP 1079 > http [SYN] Seq=0 Len=0 MSS=1460
Frame 1 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x0269 (617)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xde9d [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 0, Len: 0
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 0 (relative sequence number)
Header length: 28 bytes
Flags: 0x0002 (SYN)
Window size: 65535
Checksum: 0x5c3c [correct]
Options: (8 bytes)
No. Time Source Destination Protocol Info
2 0.022698 62.146.25.34 192.168.1.101 TCP http > 1079 [SYN, ACK] Seq=0 Ack=1 Win=49368 Len=0 MSS=1452
Frame 2 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x002f (47)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2ed8 [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1079 (1079), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: 1079 (1079)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 28 bytes
Flags: 0x0012 (SYN, ACK)
Window size: 49368
Checksum: 0xd017 [correct]
Options: (8 bytes)
No. Time Source Destination Protocol Info
3 0.022749 192.168.1.101 62.146.25.34 TCP 1079 > http [ACK] Seq=1 Ack=1 Win=65535 [TCP CHECKSUM INCORRECT] Len=0
Frame 3 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x026a (618)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdea4 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 1, Ack: 1, Len: 0
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 65535
Checksum: 0x19dc [incorrect, should be 0xbdac]
No. Time Source Destination Protocol Info
4 0.022919 192.168.1.101 62.146.25.34 HTTP GET / HTTP/1.1
Frame 4 (476 bytes on wire, 476 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 462
Identification: 0x026b (619)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdcfd [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 1, Ack: 1, Len: 422
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65535
Checksum: 0x1b82 [incorrect, should be 0xcda5]
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
5 3.013084 192.168.1.101 62.146.25.34 HTTP [TCP Retransmission] GET / HTTP/1.1
Frame 5 (476 bytes on wire, 476 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 462
Identification: 0x0276 (630)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdcf2 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 1, Ack: 1, Len: 422
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65535
Checksum: 0x1b82 [incorrect, should be 0xcda5]
SEQ/ACK analysis
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
6 9.029003 192.168.1.101 62.146.25.34 HTTP [TCP Retransmission] GET / HTTP/1.1
Frame 6 (476 bytes on wire, 476 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 462
Identification: 0x027f (639)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdce9 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 1, Ack: 1, Len: 422
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65535
Checksum: 0x1b82 [incorrect, should be 0xcda5]
SEQ/ACK analysis
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
7 21.060827 192.168.1.101 62.146.25.34 HTTP [TCP Retransmission] GET / HTTP/1.1
Frame 7 (476 bytes on wire, 476 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 462
Identification: 0x0284 (644)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdce4 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 1, Ack: 1, Len: 422
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65535
Checksum: 0x1b82 [incorrect, should be 0xcda5]
SEQ/ACK analysis
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
8 35.561984 192.168.1.101 62.146.25.34 TCP 1079 > http [FIN, ACK] Seq=423 Ack=1 Win=65535 [TCP CHECKSUM INCORRECT] Len=0
Frame 8 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x029a (666)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xde74 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1079 (1079), Dst Port: http (80), Seq: 423, Ack: 1, Len: 0
Source port: 1079 (1079)
Destination port: http (80)
Sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0011 (FIN, ACK)
Window size: 65535
Checksum: 0x19dc [incorrect, should be 0xbc05]
"dump_success.txt":
No. Time Source Destination Protocol Info
1 0.000000 192.168.1.101 62.146.25.34 TCP 1083 > http [SYN] Seq=0 Len=0 MSS=1460
Frame 1 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x02a3 (675)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xde63 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1083 (1083), Dst Port: http (80), Seq: 0, Len: 0
Source port: 1083 (1083)
Destination port: http (80)
Sequence number: 0 (relative sequence number)
Header length: 28 bytes
Flags: 0x0002 (SYN)
Window size: 65535
Checksum: 0x70ca [correct]
Options: (8 bytes)
No. Time Source Destination Protocol Info
2 0.020553 62.146.25.34 192.168.1.101 TCP http > 1083 [SYN, ACK] Seq=0 Ack=1 Win=49368 Len=0 MSS=1452
Frame 2 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x006b (107)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2e9c [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1083 (1083), Seq: 0, Ack: 1, Len: 0
Source port: http (80)
Destination port: 1083 (1083)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 28 bytes
Flags: 0x0012 (SYN, ACK)
Window size: 49368
Checksum: 0xb530 [correct]
Options: (8 bytes)
No. Time Source Destination Protocol Info
3 0.020599 192.168.1.101 62.146.25.34 TCP 1083 > http [ACK] Seq=1 Ack=1 Win=65535 [TCP CHECKSUM INCORRECT] Len=0
Frame 3 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x02a4 (676)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xde6a [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1083 (1083), Dst Port: http (80), Seq: 1, Ack: 1, Len: 0
Source port: 1083 (1083)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 65535
Checksum: 0x19dc [incorrect, should be 0xa2c5]
No. Time Source Destination Protocol Info
4 0.020746 192.168.1.101 62.146.25.34 HTTP GET / HTTP/1.1
Frame 4 (476 bytes on wire, 476 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 462
Identification: 0x02a5 (677)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdcc3 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1083 (1083), Dst Port: http (80), Seq: 1, Ack: 1, Len: 422
Source port: 1083 (1083)
Destination port: http (80)
Sequence number: 1 (relative sequence number)
Next sequence number: 423 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65535
Checksum: 0x1b82 [incorrect, should be 0xb2be]
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
5 0.071290 62.146.25.34 192.168.1.101 TCP http > 1083 [ACK] Seq=1 Ack=423 Win=49368 Len=0
Frame 5 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x006c (108)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2ea3 [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1083 (1083), Seq: 1, Ack: 423, Len: 0
Source port: http (80)
Destination port: 1083 (1083)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 423 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 49368
Checksum: 0xe046 [correct]
No. Time Source Destination Protocol Info
6 0.075838 62.146.25.34 192.168.1.101 HTTP HTTP/1.1 200 OK (text/html)
Frame 6 (413 bytes on wire, 413 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 399
Identification: 0x006d (109)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2d3b [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1083 (1083), Seq: 1, Ack: 423, Len: 359
Source port: http (80)
Destination port: 1083 (1083)
Sequence number: 1 (relative sequence number)
Next sequence number: 360 (relative sequence number)
Acknowledgement number: 423 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 49368
Checksum: 0x29b8 [correct]
Hypertext Transfer Protocol
Line-based text data: text/html
No. Time Source Destination Protocol Info
7 0.095473 192.168.1.101 62.146.25.34 HTTP GET /favicon.ico HTTP/1.1
Frame 7 (407 bytes on wire, 407 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 393
Identification: 0x02aa (682)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xdd03 [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1083 (1083), Dst Port: http (80), Seq: 423, Ack: 360, Len: 353
Source port: 1083 (1083)
Destination port: http (80)
Sequence number: 423 (relative sequence number)
Next sequence number: 776 (relative sequence number)
Acknowledgement number: 360 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 65176
Checksum: 0x1b3d [incorrect, should be 0x1e0c]
Hypertext Transfer Protocol
No. Time Source Destination Protocol Info
8 0.139786 62.146.25.34 192.168.1.101 TCP http > 1083 [ACK] Seq=360 Ack=776 Win=49368 Len=0
Frame 8 (60 bytes on wire, 60 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x006e (110)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2ea1 [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1083 (1083), Seq: 360, Ack: 776, Len: 0
Source port: http (80)
Destination port: 1083 (1083)
Sequence number: 360 (relative sequence number)
Acknowledgement number: 776 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 49368
Checksum: 0xdd7e [correct]
No. Time Source Destination Protocol Info
9 0.144850 62.146.25.34 192.168.1.101 HTTP HTTP/1.1 404 Not Found (text/html)
Frame 9 (464 bytes on wire, 464 bytes captured)
Ethernet II, Src: D-Link_9b:09:44 (00:0d:88:9b:09:44), Dst: FujitsuS_81:79:ea (00:30:05:81:79:ea)
Internet Protocol, Src: 62.146.25.34 (62.146.25.34), Dst: 192.168.1.101 (192.168.1.101)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 450
Identification: 0x006f (111)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 50
Protocol: TCP (0x06)
Header checksum: 0x2d06 [correct]
Source: 62.146.25.34 (62.146.25.34)
Destination: 192.168.1.101 (192.168.1.101)
Transmission Control Protocol, Src Port: http (80), Dst Port: 1083 (1083), Seq: 360, Ack: 776, Len: 410
Source port: http (80)
Destination port: 1083 (1083)
Sequence number: 360 (relative sequence number)
Next sequence number: 770 (relative sequence number)
Acknowledgement number: 776 (relative ack number)
Header length: 20 bytes
Flags: 0x0018 (PSH, ACK)
Window size: 49368
Checksum: 0x7a71 [correct]
Hypertext Transfer Protocol
Line-based text data: text/html
No. Time Source Destination Protocol Info
10 0.269307 192.168.1.101 62.146.25.34 TCP 1083 > http [ACK] Seq=776 Ack=770 Win=64766 [TCP CHECKSUM INCORRECT] Len=0
Frame 10 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: FujitsuS_81:79:ea (00:30:05:81:79:ea), Dst: D-Link_9b:09:44 (00:0d:88:9b:09:44)
Internet Protocol, Src: 192.168.1.101 (192.168.1.101), Dst: 62.146.25.34 (62.146.25.34)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x02af (687)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0xde5f [correct]
Source: 192.168.1.101 (192.168.1.101)
Destination: 62.146.25.34 (62.146.25.34)
Transmission Control Protocol, Src Port: 1083 (1083), Dst Port: http (80), Seq: 776, Ack: 770, Len: 0
Source port: 1083 (1083)
Destination port: http (80)
Sequence number: 776 (relative sequence number)
Acknowledgement number: 770 (relative ack number)
Header length: 20 bytes
Flags: 0x0010 (ACK)
Window size: 64766
Checksum: 0x19dc [incorrect, should be 0x9fbe]lev wrote:This performance regression renders openvpn with a tun adapter unusable if client and server use kernel 3.14 .
Thus I created a bug report: https://bugs.archlinux.org/task/40089
i actually noticed it to be an "either-or" type of thing; my Windows clients were seeing the same thing coming off a 3.14 openvpn server.
yeah, weird issue. like i noticed spurts of even-powers-of-2 sized packets
Client connecting to 10.10.10.6, TCP port 5001
TCP window size: 416 KByte
[ 3] local 10.10.10.1 port 40643 connected with 10.10.10.6 port 5001
[ ID] Interval Transfer Bandwidth
[ 3] 0.0- 2.0 sec 512 KBytes 2.10 Mbits/sec
[ 3] 2.0- 4.0 sec 0.00 Bytes 0.00 bits/sec
[ 3] 4.0- 6.0 sec 0.00 Bytes 0.00 bits/sec
[ 3] 6.0- 8.0 sec 0.00 Bytes 0.00 bits/sec
[ 3] 8.0-10.0 sec 128 KBytes 524 Kbits/sec
[ 3] 10.0-12.0 sec 128 KBytes 524 Kbits/sec
[ 3] 12.0-14.0 sec 512 KBytes 2.10 Mbits/sec
[ 3] 14.0-16.0 sec 128 KBytes 524 Kbits/sec
[ 3] 16.0-18.0 sec 512 KBytes 2.10 Mbits/sec
[ 3] 18.0-20.0 sec 128 KBytes 524 Kbits/sec
[ 3] 20.0-22.0 sec 384 KBytes 1.57 Mbits/sec
[ 3] 22.0-24.0 sec 256 KBytes 1.05 Mbits/sec
[ 3] 24.0-26.0 sec 512 KBytes 2.10 Mbits/sec
[ 3] 26.0-28.0 sec 384 KBytes 1.57 Mbits/sec
[ 3] 28.0-30.0 sec 256 KBytes 1.05 Mbits/sec
[ 3] 30.0-32.0 sec 128 KBytes 524 Kbits/sec
[ 3] 32.0-34.0 sec 640 KBytes 2.62 Mbits/sec
[ 3] 34.0-36.0 sec 384 KBytes 1.57 Mbits/sec
[ 3] 36.0-38.0 sec 384 KBytes 1.57 Mbits/sec
[ 3] 38.0-40.0 sec 384 KBytes 1.57 Mbits/sec
[ 3] 40.0-42.0 sec 128 KBytes 524 Kbits/sec -
Hi,
I have a Solaris 11.1 T4 server. I created a 'flar' from a Solaris 10 (U7) server and created a Solaris 10 zone on the T4.
zonecfg has the IP address configured (can't copy and paste) correctly.
The global zone has net1:1 configured with the IP address, however net1 is 0.0.0.0.
I can ping the IP address, but attempts to ssh to the address receive the 'connection refused' error.
On the non-global zone I tried to start ssh unsuccessfully without errors...
What else am I missing?
Cheers
Craig.Hi.
Try connect to zone's console ( zlogin -C ) . Possible zone not fully installed.
Show result of :
svcs -xv
What errors or messages happens when you try start ssh service ?
Regards. -
Install NetConnect in Global Zone of Solaris 10 x86 with 5 local zone fail
Problem:
Install NetConnect in Global Zone of Solaris 10 x86 with 5 local zone failed
But I didn't have any issue with the same pkg in Solaris 9
Steps taken:
# groupadd netcon
# useradd -d /export/home/netcon -g netcon -m netcon
# vi /etc/shadow
change LK to NP
# ./UninstallNetConnect.003.002.001.sh
# ./InstallNetConnect.003.002.001.sh
Enter the user account to use: netcon
Enter group: netcon
Installing Sun(SM) Net Connect Proxy Core as <SUNWsrspx>
## Installing part 1 of 1.
/etc/opt/SUNWsrspx/CustomerCert.pem
/etc/opt/SUNWsrspx/SRSCACert.pem
/etc/opt/SUNWsrspx/binaries
/etc/opt/SUNWsrspx/srsproxyconfig.cfg
/opt/SUNWsrspx/bin/srsexec
/opt/SUNWsrspx/bin/srsinstall
/opt/SUNWsrspx/bin/srsinstallmode
/opt/SUNWsrspx/bin/srsproxy
/opt/SUNWsrspx/bin/srspxrun
/opt/SUNWsrspx/bin/srspxstat
/opt/SUNWsrspx/bin/srspxtrace
/opt/SUNWsrspx/bin/srsuser
/opt/SUNWsrspx/bin/srsxfer
/opt/SUNWsrspx/lib/srsimapi.jar
/usr/lib/libsrsimapi.so.1
[ verifying class <none> ]
## Executing postinstall script.
copying initial install customer cert into place
copying initial install srs cert into place
copying initial install proxy config file into place
removing any existing uninstallscript before copying the correct one
copying uninstall script into place
/var/sadm/pkg/SUNWsrspx/install/postinstall: /opt/SUNWsrspx/bin/srspxrun: cannot execute
proxy queue initialization failed
pkgadd: ERROR: postinstall script did not complete successfully
Installation of <SUNWsrspx> failed.
ERROR: pkgadd failed for: SUNWsrspx
Please correct this situation and rerun the installation.
Exiting installation.
# cat /var/adm/messages
Oct 7 00:00:01 planet root: [ID 702911 daemon.error] ERROR: proxy queue initialization failed
Any clue, or it will only possible in Global zone that didn't have any local zone
thanks in advanceProblem:
Install NetConnect in Global Zone of Solaris 10 x86
with 5 local zone failed
But I didn't have any issue with the same pkg in
Solaris 9
Steps taken:
# groupadd netcon
# useradd -d /export/home/netcon -g netcon -m netcon
# vi /etc/shadow
change LK to NP
# ./UninstallNetConnect.003.002.001.sh
# ./InstallNetConnect.003.002.001.sh
Enter the user account to use: netcon
Enter group: netcon
Installing Sun(SM) Net Connect Proxy Core as
<SUNWsrspx>
## Installing part 1 of 1.
/etc/opt/SUNWsrspx/CustomerCert.pem
/etc/opt/SUNWsrspx/SRSCACert.pem
/etc/opt/SUNWsrspx/binaries
/etc/opt/SUNWsrspx/srsproxyconfig.cfg
/opt/SUNWsrspx/bin/srsexec
/opt/SUNWsrspx/bin/srsinstall
/opt/SUNWsrspx/bin/srsinstallmode
/opt/SUNWsrspx/bin/srsproxy
/opt/SUNWsrspx/bin/srspxrun
/opt/SUNWsrspx/bin/srspxstat
/opt/SUNWsrspx/bin/srspxtrace
/opt/SUNWsrspx/bin/srsuser
/opt/SUNWsrspx/bin/srsxfer
/opt/SUNWsrspx/lib/srsimapi.jar
/usr/lib/libsrsimapi.so.1
[ verifying class <none> ]
## Executing postinstall script.
copying initial install customer cert into place
copying initial install srs cert into place
copying initial install proxy config file into place
removing any existing uninstallscript before copying
the correct one
copying uninstall script into place
/var/sadm/pkg/SUNWsrspx/install/postinstall:
/opt/SUNWsrspx/bin/srspxrun: cannot execute
proxy queue initialization failed
pkgadd: ERROR: postinstall script did not complete
successfully
Installation of <SUNWsrspx> failed.
ERROR: pkgadd failed for: SUNWsrspx
Please correct this situation and rerun the
installation.
Exiting installation.
# cat /var/adm/messages
Oct 7 00:00:01 planet root: [ID 702911 daemon.error]
ERROR: proxy queue initialization failed
Any clue, or it will only possible in Global zone
that didn't have any local zone
thanks in advance
[I believe that it does not work in x86, watches with pkginfo - l SUNWsrspx, in the platform.
Willy Suarez
Sopport UNIX
Colombia/code] -
Can't install 121118-12 on global zone
Hi, after our first round of patching, we're starting again. So, I've had to upgrade my external LPS to latest patches to get it to work at all. It is now on 119788-09 and 121118-12. The patchsvr has been reconfigured to point to getupdates1.sun.com without the trailing "solaris/".
So, I then tried to get my internal LPS working...proxy isn't running. smpatch pointed to the external (DMZ) LPS without a trailing "solaris/". Has patch revisions 119788-07 and 121118-08. Note, when I use the trailing "solaris/" then I get the "no patches" message. Without that, I now get a list of 40 patches (tho' I'm expecting about 190-odd as my external LPS is at the same patch levels otherwise and smpatch which points direct to Sun comes back with 196 patches).
Just to confirm, my current.zip (/var/sadm/spool/cache/Database/http....***...current.zip) gives me a patchlist.delimited file that is 9419 lines long. That seems about right.
So I thought - gosh! I really hope that this isn't going to be a 2-step patch process (currently running kernel rev 118833-24 and have seen a few warnings about going up to the mid-30s) so maybe I have to install the latest UC client patch for this to see that it needs more patches.
But trying to run "smpatch add -i 121118-12" barfs and finishes with the following message;
Patch 121118-12 failed to install due to a failure produced by pkgadd.
WARNING: patchadd returned <5> for global zone
pkgadd: ERROR: The package <SUNWppror> is currently installed on the system in the
global zone. To install the new instance of this package in the global
zone only, you must specify the -G option. To install the new instance
of this package in all zones you must first remove the existing instance
of this package from the global zone first (via pkgrm) and then install
the new instance of this package in all zones.
pkgadd: ERROR: package <SUNWppror> cannot be installed on this system/zoneSo, dutifully, I go to run (after unzip'ing my jar file); "patchadd -G 121118-12". The first time it says much like below, but to check the log file which says the bit above. Any subsequent attempts give up on telling you to look at the logfile because you should've already and just tell you this;
# patchadd -G 121118-12
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Global patches.
0 Patch 121118-12 is for global zone only - cannot be installed on non-global zone.
No patches to install.Funnily enough, I am running on my global zone, but patchadd and smpatch just can't seem to tell. Has there been a major update to patchadd that I've missed or is there some other reason that I can't install this patch? Do I really need to remove it all before patching again? If so, how is that affected by 119788 which also patches SUNWppror?
Thanks for any help,
Sally.Yes, there are relevant packages in that file;
server # grep SUNW gz*
# Last modified by <pkgadd> to <add> package <SUNWpkgcmdsu>
SUNWapch2d
SUNWapch2r
SUNWapch2u
SUNWexplo
SUNWexplu
SUNWexted
SUNWnbcpp
SUNWnbide
SUNWpkgcmdsu
SUNWppror
SUNWpprou
SUNWpsvrr
SUNWpsvru
SUNWsneep
server # Does this file get updated whenever patchadd/pkgadd -G is used? If so, I would've only installed the update connection proxy server patches on the global zone alone as it is not supported within local zones and I would've seen no reason to install it on a local zone (waste of time).
Also, when I was testing applying patches on zones, I would've run "patchadd -G" for some patches to see what the difference is, but I wouldn't have suspected that this would change the action of the patch forever more.
Or have these packages gotten in there another way.
Within one of my local zones, there are no SUNW packages in the /var/sadm/install/gz-only-packages file and yet the zone cannot remove the patch;
myzone # patchrm 121118-12
Validating patches...
Loading patches installed on the system...
Done!
Checking patches that you specified for removal.
Done!
Global patches.
0 Patch 121118-12 is for global zone only - cannot be removed on non-global zone.
No patches to remove.
myzone #but I guess that is because it is checking on the global zone at that stage. On that point, does a local zone know the name of the server its global zone is on? Can this be determined without being on the global zone?
Thanks,
Sally. -
Network traffic between zones in the same Global zone
Hi,
I would like to know if the traffic between different zones that shares the same nic within the global zone goes to the switch they are are connected to and comes back, or remains within the global zone?
Example:
Local zone apache IP 10.0.0.2
Local zone oracle IP 10.0.0.3
Global zone IP 10.0.0.4
When Local zone apache contact Local zone oracle does the traffic go to the switch and then to Local zone oracle or just remains internal the Global zone?
Regards,
Youniss-wilson wrote:
If the zone is on a different subnet from the global, the traffic would have to be routed back.That's not correct. As long as it is a shared-ip zone, traffic does not leave the box.
This is no different that a single-zone host that has interfaces on two subnets.
Darren -
FilesystemMountPoints for ufs disks mounted to non-global zones
Hello,
I have a SAN ufs disk to be used as a failover storage, mounted to non-global zones (NGZ).
Solaris 10 nodes using Cluster 3.2
I'm looking for the correct value for the property FilesystemMountPoints and the vfstab entry required for a failover disk mounted to a NGZ.
Should the path NOT include the NGZ root path?
From the man page for SUNW.HAStoragePlus, for the property FilesystemMountPoints:
You can specify both the path in a non-global zone and the path in a global zone, in this format:
Non-GlobalZonePath:GlobalZonePath
The global zone path is optional. If you do not specify a global zone path, Sun Cluster assumes that the path in
the non-global zone and in the global zone are the same. If you specify the path as
Non-GlobalZonePath:GlobalZonePath, you must specify Global-ZonePath in the global zone's /etc/vfstab.
The default setting for this property is an empty list.
You can use the SUNW.HAStoragePlus resource type to make a file system available to a non-global zone. To enable
the SUNW.HAStoragePlus resource type to do this, you must create a mount point in the global zone and in the
non-global zone. The SUNW.HAStoragePlus resource type makes the file system available to the non-global zone
by mounting the file system in the global zone. The resource type then performs a loopback mount in the
non-global zone.
Each file system mount point should have an equivalent entry in /etc/vfstab on all cluster nodes and in all
global zones. The SUNW.HAStoragePlus resource type does not check /etc/vfstab in non-global zones.
SUNW.HAStoragePlus resources that specify local file systems can only belong in a failover resource group
with affinity switchovers enabled. These local file systems can therefore be termed failover file systems. You
can specify both local and global file system mounts points at the same time.
Any file system whose mount point is present in the FilesystemMountPoints extension property is assumed to
be local if its /etc/vfstab entry satisfies both of the following conditions:
1. The non-global mount option is specified.
2. The "mount at boot" field for the entry is set to "no."
In my situation, I want to mount the disk to /mysql_data on the NGZ called ftp_zone. So, which is the correct setup?
a. FilesystemMountPoints=/mysql_data:/zones/ftp_zone/root/mysql_data
Global zone vfstab entry /dev/md/ftpabin/dsk/d110 /dev/md/ftpabin/rdsk/d110 /zones/ftp_zone/root/mysql_data ufs 1 no logging
NGZ mount point /mysql_data
OR
b. FilesystemMountPoints=/mysql_data:/mysql_data (can be condensed to simply /mysql_data)
Global zone vfstab entry /dev/md/ftpabin/dsk/d110 /dev/md/ftpabin/rdsk/d110 /mysql_data ufs 1 no logging
NGZ mount point /mysql_data
Should the path NOT include the NGZ root path?
And should the fsck pass # be 1 or 2?
Looking at this example from p. 26 of
http://wikis.sun.com/download/attachments/24543510/820-4690.pdf
This example doesn't mention the entry in vfstab.
Create a resource group that can holds services in nodea zonex and nodeb zoney
nodea# clresourcegroup create -n nodea:zonex,nodeb:zoney test-rg
Make sure the HAStoragePlus resource is registered
nodea# clresourcetype register SUNW.HAStoragePlus
Now add a UFS [or VxFS] fail-over file system: mount /bigspace1 to failover/export/install in NGZ
nodea# clresource create -t SUNW.HAStoragePlus -g test-rg \
-p FilesystemMountPoints=/fail-over/export/install:/bigspace1 \
ufs-hasp-rs
Thank you!Hi,
/zones/oracle-z is my root directory of the zone.
* add the device to the zone :
root@mpbxapp1 # zonecfg -z oracle-z
zonecfg:oracle-z> add device
zonecfg:oracle-z:device> set match=/dev/global/dsk/d12s0
zonecfg:oracle-z:device> end
zonecfg:oracle-z> add device
zonecfg:oracle-z:device> set match=/dev/global/rdsk/d12s0
zonecfg:oracle-z:device> end
zonecfg:oracle-z> exit
* add FS to NGZ's /etc/vfstab : ( You may omit this step, I don't know why but it works without this step :) )
root@mpbxapp1 # vi /zones/oracle-z/root/etc/vfstab
/dev/global/dsk/d12s0 /dev/global/rdsk/d12s0 /global/oracle ufs 1 no logging
* add FS to global zone's /etc/vfstab :
root@mpbxapp1 # vi /etc/vfstab
/dev/global/dsk/d12s0 /dev/global/rdsk/d12s0 /zonefs/oracle ufs 1 no logging
* set the FilesystemMountPoints property :
root@mpbxapp1 # /usr/cluster/bin/clresource set -p FilesystemMountPoints=/global/oracle:/zonefs/oracle oracle-hastp
Whit this configuration you may ensure that the FS is not directly accessible from master zone. Actually, it's accessible but with a different PATH. For example, for Oracle, from the master zone Oracle can not be started/stopped because the controlfile can not be accessed. :)
Hope this helps,
Murat -
Unexpected behavior: Solaris10 , vlan , ipmp, non-global zones
I've configured a System with several non-global zones.
Each of them has ip - connection via a seperate vlan (1 vlan for each nonglobal zone). The vlans are established by the global zone. They are additionally brought under control of ipmp.
I followed the instructions described at:
http://forum.sun.com/thread.jspa?threadID=21225&messageID=59653#59653
to create the defaultrouters for the non-global zones.
In addition to that, I've created the default route for the 2nd ipmp-interface. (to keep the route in the non-global Zone in case of ipmp-failover)
ie:
route add default 172.16.3.1 -ifp ce1222000
route add default 172.16.3.1 -ifp ce1222002Furthermore, i' ve put the 172.16.3.1 in the /etc/defaultrouter of the global zone, to ensure it will be the 1st entry in the routing table (because it's the defaultrouter for the global zone)
Here the unexpected:
Tried to reach a ip-target ouside the configured subnets, say 172.16.1.3 , via icmp. The router 172.16.3.1 knows the proper route to get it. The 1st tries (can't remember the exact number) went through ce1222000 and associated icmp-replies travelled back trough ce1222000. But suddenly the outgoing interface changed to ce1322000 or ce1122000 ! The defaultrouters configured on these vlans are not aware of the 172.16.1.3 (172.16.1.0/24), and there was no answer. The defaultroutes seemed to be "cycled" between the configured.
Furthermore the connection from the outside to the nonglobal-zones (wich do have only 1 defaultrouter configured: the one of the vlan the non-global Zone belongs to) was broken intermittent.
So, how to get the combination of VLAN ,IPMP, diff. defaultrouters, non-global Zones running?
Got the following config visible in the global zone:
(the 172.13.x.y are sc3.1u4 priv. interconnect)
netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
172.31.193.1 127.0.0.1 UH 1 0 lo0
172.16.19.0 172.16.19.6 U 1 4474 ce1322000
172.16.19.0 172.16.19.6 U 1 0 ce1322000:1
172.16.19.0 172.16.19.6 U 1 1791 ce1322002
172.31.1.0 172.31.1.2 U 1 271194 ce5
172.31.0.128 172.31.0.130 U 1 271158 ce1
172.16.11.0 172.16.11.6 U 1 8715 ce1122000
172.16.11.0 172.16.11.6 U 1 0 ce1122000:1
172.16.11.0 172.16.11.6 U 1 7398 ce1122002
172.16.3.0 172.16.3.6 U 1 4888 ce1222000
172.16.3.0 172.16.3.6 U 1 0 ce1222000:1
172.16.3.0 172.16.3.6 U 1 4236 ce1222002
172.16.27.0 172.16.27.6 U 1 0 ce1411000
172.16.27.0 172.16.27.6 U 1 0 ce1411000:1
172.16.27.0 172.16.27.6 U 1 0 ce1411002
192.168.0.0 192.168.0.62 U 1 24469 ce3
172.31.193.0 172.31.193.2 U 1 651 clprivnet0
172.16.11.0 172.16.11.6 U 1 0 ce1122002:1
224.0.0.0 192.168.0.62 U 1 0 ce3
default 172.16.3.1 UG 1 1454
default 172.16.19.1 UG 1 0 ce1322000
default 172.16.19.1 UG 1 0 ce1322002
default 172.16.11.1 UG 1 0 ce1122000
default 172.16.11.1 UG 1 0 ce1122002
default 172.16.3.1 UG 1 0 ce1222000
default 172.16.3.1 UG 1 0 ce1222002
127.0.0.1 127.0.0.1 UH 41048047 lo
#ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-BTO1-1
inet 127.0.0.1 netmask ff000000
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-BTO1-2
inet 127.0.0.1 netmask ff000000
lo0:3: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-ITR1-1
inet 127.0.0.1 netmask ff000000
lo0:4: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-TDN1-1
inet 127.0.0.1 netmask ff000000
lo0:5: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232
index 1
zone Z-DRB1-1
inet 127.0.0.1 netmask ff000000
ce1: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500
index 10
inet 172.31.0.130 netmask ffffff00 broadcast 172.31.0.255
ether 0:3:ba:f:63:95
ce3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 8
inet 192.168.0.62 netmask ffffff00 broadcast 192.168.0.255
groupname ipmp0
ether 0:3:ba:f:68:1
ce5: flags=1008843<UP,BROADCAST,RUNNING,MULTICAST,PRIVATE,IPv4> mtu 1500
index 9
inet 172.31.1.2 netmask ffffff00 broadcast 172.31.1.127
ether 0:3:ba:d5:b1:44
ce1122000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 2
inet 172.16.11.6 netmask ffffff00 broadcast 172.16.11.127
groupname ipmp2
ether 0:3:ba:f:63:94
ce1122000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 2
inet 172.16.11.7 netmask ffffff00 broadcast 172.16.11.127
ce1122002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 3
inet 172.16.11.8 netmask ffffff00 broadcast 172.16.11.127
groupname ipmp2
ether 0:3:ba:f:68:0
ce1122002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 3
inet 172.16.11.10 netmask ffffff00 broadcast 172.16.11.255
ce1122002:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 3
zone Z-ITR1-1
inet 172.16.11.9 netmask ffffff00 broadcast 172.16.11.255
ce1222000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 4
inet 172.16.3.6 netmask ffffff00 broadcast 172.16.3.127
groupname ipmp3
ether 0:3:ba:f:63:94
ce1222000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 4
inet 172.16.3.7 netmask ffffff00 broadcast 172.16.3.127
ce1222002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 5
inet 172.16.3.8 netmask ffffff00 broadcast 172.16.3.127
groupname ipmp3
ether 0:3:ba:f:68:0
ce1222002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 5
zone Z-BTO1-1
inet 172.16.3.9 netmask ffffff00 broadcast 172.16.3.255
ce1222002:2: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 5
zone Z-BTO1-2
inet 172.16.3.10 netmask ffffff00 broadcast 172.16.3.255
ce1322000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 6
inet 172.16.19.6 netmask ffffff00 broadcast 172.16.19.127
groupname ipmp1
ether 0:3:ba:f:63:94
ce1322000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 6
inet 172.16.19.7 netmask ffffff00 broadcast 172.16.19.127
ce1322002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 7
inet 172.16.19.8 netmask ffffff00 broadcast 172.16.19.127
groupname ipmp1
ether 0:3:ba:f:68:0
ce1322002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 7
zone Z-TDN1-1
inet 172.16.19.9 netmask ffffff00 broadcast 172.16.19.255
ce1411000: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500
index 12
inet 172.16.27.6 netmask ffffff00 broadcast 172.16.27.255
groupname ipmp4
ether 0:3:ba:f:63:94
ce1411000:1:
flags=209040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER,CoS>
mtu 1500 index 12
inet 172.16.27.7 netmask ffffff00 broadcast 172.16.27.255
ce1411002:
flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu
1500 index 13
inet 172.16.27.8 netmask ffffff00 broadcast 172.16.27.255
groupname ipmp4
ether 0:3:ba:f:68:0
ce1411002:1: flags=1040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4>
mtu 1500 index 13
zone Z-DRB1-1
inet 172.16.27.9 netmask ffffff00 broadcast 172.16.27.255
clprivnet0:
flags=1009843<UP,BROADCAST,RUNNING,MULTICAST,MULTI_BCAST,PRIVATE,IPv4> mtu
1500 index 11
inet 172.31.193.2 netmask ffffff00 broadcast 172.31.193.255
ether 0:0:0:0:0:2 -
Not all non-global zones updated for DST
We have one server with Solaris 10 and four non-global zones. I installed patch 122032-03 to the global zone and it installed successfull, according to the log. With the DST change on 3/11, TWO of the non-global zones and the global zone updated correctly to daylight time, but the other TWO non-global zone DID NOT. Does anyone know what would cause this?
I have also tried to manually change the time on the two non-global zones and have not been able to; as root I get the message "not owner"
ainsworth:hughesm> su -
Password:
Sun Microsystems Inc. SunOS 5.10 Generic January 2005
You have mail.
# date
Tue Mar 13 12:02:45 PST 2007
# date -u
Tue Mar 13 20:03:16 GMT 2007
# date
Tue Mar 13 12:04:31 PST 2007
# date 0313130007
date: Not owner
usage: date [-u] mmddHHMM[[cc]yy][.SS]
date [-u] [+format]
date -a [-]sss[.fff]
Fortunately, these were just test zones. They were set up by a previous admin to be used for pgpftp, so I'm wondering if there are some special configurations for security that is preventing the time change.Thanks for replying.
I rebooted from the global zone. All the zones have the same uptime as the global zone, except one that was rebooted more recently.
Quick question - how do I tell if it's a sparse zone or full zone?
One of the zones that the time change worked on:
$ zdump -v US/Pacific | grep 2007
US/Pacific Tue Mar 13 22:37:59 2007 UTC = Tue Mar 13 15:37:59 2007 PDT isdst=1
US/Pacific Sun Mar 11 09:59:59 2007 UTC = Sun Mar 11 01:59:59 2007 PST isdst=0
US/Pacific Sun Mar 11 10:00:00 2007 UTC = Sun Mar 11 03:00:00 2007 PDT isdst=1
US/Pacific Sun Nov 4 08:59:59 2007 UTC = Sun Nov 4 01:59:59 2007 PDT isdst=1
US/Pacific Sun Nov 4 09:00:00 2007 UTC = Sun Nov 4 01:00:00 2007 PST isdst=0
tsbackup:hughesm> cd /usr/share/lib/zoneinfo; ls -al | grep Pac
drwxr-xr-x 2 root bin 1024 Jan 19 11:19 Pacific
cathedral:hughesm> cd /usr/share/lib/zoneinfo; ls -al | grep Pac (the global zone)
drwxr-xr-x 2 root bin 1024 Jan 19 11:19 Pacific
One zone that didn't work: (the other one that did not work is the same)
# zdump -v US/Pacific | grep 2007
US/Pacific Tue Mar 13 22:45:33 2007 UTC = Tue Mar 13 14:45:33 2007 PST isdst=0
US/Pacific Sun Apr 1 09:59:59 2007 UTC = Sun Apr 1 01:59:59 2007 PST isdst=0
US/Pacific Sun Apr 1 10:00:00 2007 UTC = Sun Apr 1 03:00:00 2007 PDT isdst=1
US/Pacific Sun Oct 28 08:59:59 2007 UTC = Sun Oct 28 01:59:59 2007 PDT isdst=1
US/Pacific Sun Oct 28 09:00:00 2007 UTC = Sun Oct 28 01:00:00 2007 PST isdst=0
# uname -a
SunOS albina 5.10 Generic_118822-02 sun4u sparc SUNW,Ultra-4
# cd /usr/share/lib/zoneinfo (non-global zone that did not update)
# ls -al | grep Pac
drwxr-xr-x 2 root bin 1024 Apr 20 2005 Pacific
I was thinking of trying to apply the patch within the zone itself, but when I tried smpatch analyze, it didn't list it:
# smpatch analyze
120900-04 SunOS 5.10: libzonecfg Patch
121133-02 SunOS 5.10: zones library and zones utility patch
119254-27 SunOS 5.10: Install and Patch Utilities Patch
119574-02 SunOS 5.10: su patch
121453-02 SunOS 5.10: Sun Update Connection Client Foundation
121118-08 SunOS 5.10: Sun Update Connection System Client 1.0.8
121081-05 SunOS 5.10: Connected Customer Agents 1.1.0
122231-01 SunOS 5.10 Sun Connection agents, transport certificate update
I attempted to add the patch using smpatch, but I've never run it here before so it's probably not configured right:
# smpatch update -i 122032-03
122032-03 cannot be validated.
com.sun.patchpro.model.PatchProRuntimeException: Unexpected throwable
at com.sun.patchpro.cli.PatchServices.waitForThread(PatchServices.java:1284)
at com.sun.patchpro.cli.PatchServices.installPatches(PatchServices.java:1121)
at com.sun.patchpro.cli.PatchServices.main(PatchServices.java:510)
Caused by:
java.lang.Throwable: ERROR: Failed to validate the digital signature(s).
at com.sun.patchpro.model.PatchProModel$InnerDownloadPatchThread.downloadPatchFailed(PatchProModel.java:2855)
at com.sun.patchpro.server.GroupPatchDownloader.dispatchFailedEvent(GroupPatchDownloader.java:384)
at com.sun.patchpro.server.GroupPatchDownloader.downloadPatchFailed(GroupPatchDownloader.java:335)
at com.sun.patchpro.server.ServerPatchServiceProvider.dispatchFailedEvent(ServerPatchServiceProvider.java:2577
at com.sun.patchpro.server.ServerPatchServiceProvider.validatePatchBundle(ServerPatchServiceProvider.java:2196
at com.sun.patchpro.server.ServerPatchServiceProvider.requestDownload(ServerPatchServiceProvider.java:1780)
at com.sun.patchpro.server.ServerPatchServiceProvider.performDownloadPatches(ServerPatchServiceProvider.java:1
2)
at com.sun.patchpro.server.ServerPatchServiceProvider.downloadPatches(ServerPatchServiceProvider.java:860)
at com.sun.patchpro.server.PatchServerProxy.downloadPatches(PatchServerProxy.java:142)
at com.sun.patchpro.server.GroupPatchDownloader.downloadPatches(GroupPatchDownloader.java:124)
at com.sun.patchpro.model.PatchProModel.performPatchDownload(PatchProModel.java:1932)
at com.sun.patchpro.model.PatchProStateMachine$10.run(PatchProStateMachine.java:526)
at com.sun.patchpro.util.State.run(State.java:266)
at java.lang.Thread.run(Thread.java:595)
So then I attempted to add the patch using patchadd:
# patchadd 122032-03
Validating patches...
Loading patches installed on the system...
Done!
Loading patches requested to install.
Done!
Checking patches that you specified for installation.
Done!
Global patches.
0 Patch 122032-03 is for global zone only - cannot be installed on local zone.
No patches to install.
under /var/sadm/patch/122032-03 on the Global zone, the log shows:
-rw-r--r-- 1 root root 2666 Jan 19 11:19 log
This appears to be an attempt to install the same architecture and
version of a package which is already installed. This installation
will attempt to overwrite this package.
WARNING: /usr/share/lib/zoneinfo/Africa/Timbuktu <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Argentina/ComodRivadavia <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Indiana/Indianapolis <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/America/Indianapolis <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Kentucky/Louisville <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/America/Louisville <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/CST6CDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/EST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/EST5EDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/Europe/Belfast <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/HST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/MST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/MST7MDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/PST8PDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/Pacific/Yap <no longer a regular file>
Dryrun complete.
No changes were made to the system.
This appears to be an attempt to install the same architecture and
version of a package which is already installed. This installation
will attempt to overwrite this package.
WARNING: /usr/share/lib/zoneinfo/Africa/Timbuktu <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Argentina/ComodRivadavia <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Indiana/Indianapolis <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/America/Indianapolis <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/America/Kentucky/Louisville <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/America/Louisville <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/CST6CDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/EST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/EST5EDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/Europe/Belfast <no longer a regular file>
WARNING: /usr/share/lib/zoneinfo/HST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/MST <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/MST7MDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/PST8PDT <no longer a linked file>
WARNING: /usr/share/lib/zoneinfo/Pacific/Yap <no longer a regular file>
Installation of <SUNWcsu> was successful.
On the non-global zones, either there is nothing under /var/sadm/patch or there isn't even a patch directory under /var/sadm. Is there somewhere else to look?
Thanks. -
Installing multiple MySQLs in Non-Global Zones
Hi all,
We have db01 and db02 physical servers with latest Solaris and Sun Cluster software installed. Each one has the following zones:
db01z001 - db02z001
db01z002 - db02z002
db01z003 - db02z003
db01z004 - db02z004
db01zXXX - db02zXXX
Every zone is installed on zpool zones (on local disks):
root@db01:~$ zpool status zones
pool: zones
state: ONLINE
scrub: none requested
config:
NAME STATE READ WRITE CKSUM
zones ONLINE 0 0 0
mirror ONLINE 0 0 0
c2t0d0 ONLINE 0 0 0
c2t1d0 ONLINE 0 0 0
We want to install and configure a different MySQL application and data service in every pair of non-global zones.
We want to use two SAN logical devices for mysql data:
d3 db02:/dev/rdsk/c4t600508B4000906990001100000E70000d0
d3 db01:/dev/rdsk/c4t600508B4000906990001100000E70000d0
d7 db02:/dev/rdsk/c4t600508B40009069900011000008E0000d0
d7 db01:/dev/rdsk/c4t600508B40009069900011000008E0000d0
Is there any way to use this configuration for N pairs or we can only use 2?
Thanks,
GeorgeHi George,
You might get away creating global monunts, create directories below the mount pint. Now comes the trick, you create HAStoragePlus resources with filesystem_mountpoints=/global_mountmount/mysql1, you must set AffinityOn to false.
This creates a lofs mount into the zone.
I must admit, that I never tried this myself, but it should work. Of cause you will get a performance penalty if you create tables over the wire. Creating tables means creating small files. It is wortha a
It would be better, if you would have more and smaller luns, so that you could restrict on lun to a pair of zones.
Kind Regards
Detlef -
Sun cluster 3.20, live upgrade with non-global zones
I have a two node cluster with 4 HA-container resource groups holding 4 non-global zones running Sol 10 8/07 u4 which I would upgrade to sol10 u6 10/8. The root fileystem of the non-global zones is ZFS and on shared SAN disks so that can be failed over.
For the LIve upgrade I need to convert the root ZFS to UFS which should be straight forward.
The tricky stuff is going to be performing a live upgrade on non-global zones as their root fs is on the shared disk. I have a free internal disk on each of thenodes for ABE environments. But when I run the lucreate command is it going put the ABE of the zones on the internal disk as well or can i specifiy the location ABE for non-global zones. Ideally I want this to be shared disk
Any assistance gratefully receivedHi,
I am not sure whether this document:
http://wikis.sun.com/display/BluePrints/Maintaining+Solaris+with+Live+Upgrade+and+Update+On+Attach
has been on the list of docs you found already.
If you click on the download link, it won't work. But if you use the Tools icon on the upper right hand corner and click on attachements, you'll find the document. Its content is solely based on configurations with ZFS as root and zone root, but should have valuable information for other deployments as well.
Regards
Hartmut
Maybe you are looking for
-
N95 screen goes black when in between open and clo...
Just noticed today that the screen goes black when sliding open or closed. Screen comes back on when slider reaches open or closed. Is this like the blank screen fault that affected so many N80s ? I'm very disgusted that I have to pay to fix my 16mon
-
Free Will to Purchase a Samsung S5 mobile at Telstra for any Pre-Paid Telstra customer
Why have Telstra decided not to offer the Samsung S5 mobile as a prepaid phone. I am a very long time customer and think Telstra is behaving like a dictatorship in refusing to allow me to purchase a Samsing S5 mobile outright in their Hornsby NSW sto
-
File Share does not appear as a Datasource!
I have created a File System Repository and a Index - However when I try and select a data source on the Index I can't find the file share I created. I have set up the Folder as a Mounted Network folder! Hope someone can help!
-
How to unlock users in a SAP system if all of them are locked
How to unlock users in a SAP system if all of them are locked Posted: Mar 21, 2007 10:07 AM Reply E-mail this post Hello Experts, In any SAP System,if a user having authorizations has mistakingly locked all the users of the SAP system,t
-
Building alt hier w/ shared members
Hi all,I have a question about building alternate hierarchies with shared members.Here's my situation:* I have a location dimension containing all stores, their districts, regions, etc. This is the primary hierarchy and the stores (level 0) are not s