Zones unreachable externally

I am running Solaris 10 on an X2200 M2 machine, fully patched with all the latest patches.
I am trying to run an application, which I have configured and tested to run in the global zone, ie locating the startup script in rc3.d works. However, when I created a non-global zone to host this application, two things happen:
(1) Putting the startup script in the local rc3.d doesn't work. Rebooting the zone doesn't start up the service.
(2) I can ping the virtual IP from another machine, but it cannot connect to the ser vices I run, even though the ports show up in netstat as listening on all interfaces. I can connect to the service using the machine's browser, pointing to the virtual IP and port.
Actual configuration shown below:
Machine has 4 NICs, bge0, bge1, nge0, nge1. bge0 and nge0 are plumbed.
bge0: IP 172.22.2.4 netmask 255.255.0.0 default gateway 172.22.2.1
nge0: IP 10.0.0.1 netmask 255.0.0.0
nge0 is meant to connect to my database server.
The zone is created with bge0:1 as 172.22.2.6, nge0:1 as 10.0.0.2.
What am I missing? I'm very new to Solaris, all steps are carried out according to the documentation.

When I do the svcs -vx in the global zone, I get only one service state.
svc:/application/print/server:default (LP print server)
State: disabled since Fri Jun 15
Reason: Disabled by an administrator.
This seems correct, as I did the Solaris install with the most secure port services enabled, only 21 and 22.
With zlogin to my zone and doing svcs -vx, I get quite a few returns, which I need help in interpreting.
svc:/system/sysidtool.net (sysidtool)
State: offline since Thu Jun 14
Reason: Start method is running.
Impact: 27 dependent services are not running. (not listing them down for brevity)
svc:/network/rpc/gss:default (Generic Security Service)
State: unintialized since Thu Jun 14
Reason: Restarter svc:/network/inetd:default is not running.
Impact: 14 dependent services are not running.
svc:/application/print/server:default (LP print server)
State: disabled since Fri Jun 15
Reason: Disabled by an administrator.
svc:/network/rpc/smserver:default (removable media management)
State: uninitialized since Thu Jun 14
Reason: Restarter svc:/network/inetd:default is not running.
Impact: 1 dependent service is not running.
svc:/network/rpc/rstat:default (kernel statistics server)
State: uninitialized since Thu Jun 14
Reason: Restarter svc:/network/inetd:default is not running.
Impact: 1 dependent service is not running.
If I start the script manually in the zone, it will run the service, which I can access from the web browser locally, pointing to the IPs assigned to the zone, but they cannot be reached from other machines in the subnet.
Looks like I'm missing quite a bit of configuration for the zone?

Similar Messages

3.1.1 DNS with internal/external zone

Hello there,
OS X 10.9.2 and Server 3.1.1
I have a server behind nat, I want to configure dns with 2 zone (internal/external), one for private lan and one for internet.
Internet IP : 12.12.12.12 -> NAT -> Server IP : 10.10.10.10
Domain : mydomain.com
I want in private network server.mydomain.com have ip 10.10.10.10 and from internet 12.12.12.12, how I can configure that zones ?!
For example if I ping from lan server.mydomain.com to have reply from 10.10.10.10 and if i ping from internet to have reply from 12.12.12.12
I try to configure with Server Admin but from internet i have response with internal ip
Please help me to configure that split horizon dns.
Thank you !
Adrian

adriandascalu wrote:
Only lan DNS (192.168.0.10) where I have private zone of dns, and 8.8.8.8 .. All works fine now.
It'll work for a while, and depending on which translation is requested and with which DNS server is queried. Should there be DNS translation failures for local addresses, then the client is probably aimed at Google DNS and will then probably need to eliminate that DNS server as an option for queries. Not all DNS clients will try multiple servers, and Google DNS cannot return local translations, after all.
Unrelated: if you're planning on using a VPN, 192.168.0.0/24 and 192.168.1.0/24 aren't the best choices for a NAT'd network — those two are very commonly used in home networks and coffee shops and such. VPNs are based on IP routing and IP routing is based on the subnets on the local and remote ends of the VPN, and IP routing doesn't generally work well with the same subnet present on both ends of the connection.

Error: while Selecting External table

Hi everybody,
When i Select an external table i am getting this error. The file is like this:
229|1|506460|SIGROUP |4890|100|0|0|10:31:01|2007/12/17|M009|20191395001|L|B|12|CLIENT|INE547A01012|10:31:00|
229|1|506460|SIGROUP |4900|900|0|0|10:31:01|2007/12/17|M009|20191395001|L|B|13|CLIENT|INE547A01012|10:31:00|
229|1|500407|SWARAJENG |21400|300|0|0|10:33:28|2007/12/17|OWN|20191397001|L|B|154|OWN|INE277A01016|10:33:28|
I had created the Table like this:
SQL> CREATE TABLE TEMP_SAUDA
2 (S_A VARCHAR2(20),
3 S_TYPE VARCHAR2(20),
4 S_CO VARCHAR2(20),
5 S_CONAME VARCHAR2(40),
6 S_RATE NUMBER,
7 S_QTY NUMBER,
8 S_G NUMBER,
9 S_H NUMBER,
10 S_TIME TIMESTAMP WITH TIME ZONE,
11 S_DATE DATE,
12 S_PCODE VARCHAR2(20),
13 S_SETNO VARCHAR2(20),
14 S_M VARCHAR2(20),
15 S_N VARCHAR2(20),
16 S_O VARCHAR2(20),
17 S_CLIENTOWN VARCHAR2(10),
18 S_ISIN VARCHAR2(12),
19 S_ORDER_TIME TIMESTAMP WITH TIME ZONE
20 )
21 ORGANIZATION EXTERNAL
22 (TYPE oracle_loader
23 DEFAULT DIRECTORY BSE17122007
24 ACCESS PARAMETERS
25 (RECORDS DELIMITED BY NEWLINE
26 FIELDS
27 (
28 S_A CHAR(20),
29 S_TYPE CHAR(20),
30 S_CO CHAR(20),
31 S_CONAME CHAR(20),
32 S_RATE CHAR(20),
33 S_QTY CHAR(20),
34 S_G CHAR(20),
35 S_H CHAR(20),
36 S_TIME CHAR(35) date_format TIMESTAMP WITH TIMEZONE mask "DD-MON-RR HH.MI.SSXFF AM TZH:TZM
37 S_DATE CHAR(22) date_format DATE mask "mm/dd/yyyy hh:mi:ss ",
38 S_PCODE CHAR(20),
39 S_SETNO CHAR(20),
40 S_M CHAR(20),
41 S_N CHAR(20),
42 S_O CHAR(20),
43 S_CLIENTOWN CHAR(20),
44 S_ISIN CHAR(20),
45 S_ORDER_TIME date_format TIMESTAMP WITH TIMEZONE mask "DD-MON-RR HH.MI.SSXFF AM TZH:TZM"
46 )
47 )
48 location (BSE17122007:'BR171207.DAT')
49 )
50 ;
Table created.
SQL> SELECT * FROM TEMP_SAUDA;
SELECT * FROM TEMP_SAUDA
ERROR at line 1:
ORA-29913: error in executing ODCIEXTTABLEOPEN callout
ORA-29400: data cartridge error
KUP-00554: error encountered while parsing access parameters
KUP-01005: syntax error: found "date_format": expecting one of: "binary_double,
binary_float, comma, char, date, defaultif, decimal, double, float, integer, (,
nullif, oracle_date, oracle_number, position, raw, recnum, ), unsigned,
varrawc, varchar, varraw, varcharc, zoned"
KUP-01007: at line 21 column 14
ORA-06512: at "SYS.ORACLE_LOADER", line 19
Is there any mistake in this table creation.
what i have to declare to the time format if the format in the file id hh:mm:ss
Thank u...!
Ravi

The output you posted is completely wrong, I could not even create the table without errors.
Try with this.
CREATE TABLE TEMP_SAUDA
(S_A VARCHAR2(20),
S_TYPE VARCHAR2(20),
S_CO VARCHAR2(20),
S_CONAME VARCHAR2(40),
S_RATE NUMBER,
S_QTY NUMBER,
S_G NUMBER,
S_H NUMBER,
S_TIME TIMESTAMP WITH TIME ZONE,
S_DATE DATE,
S_PCODE VARCHAR2(20),
S_SETNO VARCHAR2(20),
S_M VARCHAR2(20),
S_N VARCHAR2(20),
S_O VARCHAR2(20),
S_CLIENTOWN VARCHAR2(10),
S_ISIN VARCHAR2(12),
S_ORDER_TIME TIMESTAMP WITH TIME ZONE
ORGANIZATION EXTERNAL
(TYPE oracle_loader
DEFAULT DIRECTORY BSE17122007
ACCESS PARAMETERS
(RECORDS DELIMITED BY NEWLINE
FIELDS terminated by "|"
S_A CHAR(20),
S_TYPE CHAR(20),
S_CO CHAR(20),
S_CONAME CHAR(20),
S_RATE CHAR(20),
S_QTY CHAR(20),
S_G CHAR(20),
S_H CHAR(20),
S_TIME CHAR(8) date_format TIMESTAMP WITH TIMEZONE mask "HH.MI.SSXFF AM TZH:TZM",
S_DATE CHAR(10) date_format DATE mask "yyyy/mm/dd",
S_PCODE CHAR(20),
S_SETNO CHAR(20),
S_M CHAR(20),
S_N CHAR(20),
S_O CHAR(20),
S_CLIENTOWN CHAR(20),
S_ISIN CHAR(20),
S_ORDER_TIME char(8) date_format TIMESTAMP WITH TIMEZONE mask "HH.MI.SSXFF AM TZH:TZM"
location (BSE17122007:'BR171207.DAT')
;With this you get:
SQL> col s_time format a40
SQL> col s_date format a40
SQL> col s_order_time format a40
SQL> r
1* select s_time,s_date,s_order_time from temp_sauda
S_TIME                                   S_DATE                                   S_ORDER_TIME
01-JAN-08 10.31.01.000000 AM +00:00      17.DEC.2007 00:00:00                     01-JAN-08 10.31.00.000000 AM +00:00
01-JAN-08 10.31.01.000000 AM +00:00      17.DEC.2007 00:00:00                     01-JAN-08 10.31.00.000000 AM +00:00
01-JAN-08 10.33.28.000000 AM +00:00      17.DEC.2007 00:00:00                     01-JAN-08 10.33.28.000000 AM +00:00Be aware that your file does not contain date information for the time fields, so as you see above it is defaulted to 01-JAN-08 for the S_TIME and S_ORDER_TIME column.

SharePoint 2013 - Office Web Apps - Internal and External Use

I have successfully installed SharePoint 2013 and Office Web Apps on Azure VMs inside an Azure Virtual Network (IaaS model). Everyting is working well. However, my testing has shown that external users and internal users can't use Office Web Apps at the
same time.
Office Web Apps, installed on its own vm, accomodates an external and internal URL quite well. However, SharePoint 2013 appears to only allow one setting for WOPI Zone, either internal or external but not both. I've set the WOPI zone to Internal-HTTPS (Set-SPWOPIZone
–Zone “internal-https”). OWA works just fine if accessed from inside the Azure Virtual Network. However, if I try to access from outside the Virtual Network, from the Internet, Office Web Apps fails. The exact oppisite is also true. I can set WOPI Zone to
External-HTTPS and accessing from the Internet works fine, but accessing inside the Virtual Network fails.
Am I missing something? I, obviously, want Office Webs Apps to function properly for both internal and external users simultaneously.
I appreciate any help anyone can provide here.
Glenn

Hi Glenn,
To have both the use of Internet and Internal available to your end-users, you first need to configure AAM setting. Open Central Administration > Application Management > Configure alternate access mappings. Let's say there is an existing web application
named http://sharepoint and my end-users from local network are able to access it using the URL http://sharepoint (root site collection). Here you need to add the Internet URL by select the web application and click Edit Public URLs. Add the Internet domain
to the web application, e.g http://sharepoint.abc.com. You don't necessarily have to edit binding setting in IIS. Before continuing next steps, make sure you are able to access http://sharepoint.abc.com from the Internet while being able to access http://sharepoint
from local network (aka Internal).
On the machine where Office Web App (OWA) Server 2013 is installed, open PowerShell to add OWA module and use the following command to re-create a new OWA server farm if you've completed configuring it previously.
New-OfficeWebAppsFarm -InternalUrl "http://owa" -ExternalUrl "http://owa.abc.com" -EditingEnabled.
In this case, I'm not using SSL certificate to encrypt data over the Internet. You can use Internet-public IP of the OWA server like -ExternalUrl "http://198.xxx.xxx.xx". Add CertifcateName parameter if you want to use whether CA-issued certificate
or self-signed certificate.
On your SharePoint machine, you need to re-bind all WFE machines to WAC farm using the cmdlet New-SPWOPIBinding. Next, you need to set the WOPI zone for both internal and external.
Set-SPWOPIZone -zone "external-http"
Note: I'm not all using certificate in my guidance. But the steps to have it configured is just to add more parameter.
I've recently successfully deployed OWA multi-server farm for both internal and internet uses for two big clients. In real-world scenario, ideally OWA should be published through firewall (Forefront UAG, TMG, F5...etc). Please let me know if you still have
issues after following my steps. My email: [email protected]
Regards,
-T.s
Thuan Soldier
A 23-year-old man loving Microsoft technologies and making crazy ideas on business journey.
SharePoint Vietnam |
Blog | Twitter

Forcing traffic through load balancer rather than zone to zone

I have several T5140s with 2 LDOMs. Within each LDOM I have multiple zones which contain 2 environments. Each environment comprises the following, an apache instance behind a BigIP load balancer, a JBoss instance, and several misc. The jboss zone has three IP address assigned for multiple applications. Each server is configured identically as far as zone and LDOM layout. We use mod_cluster to cluster our apache and Jboss environment. What I'm trying to accomplish is forcing the apache zone's traffic through the BigIP rather than zone to zone.
Referring to the information below, server2ldom1jboss is one jboss node which needs to connect to both server2ldom1japache and server1ldom1apache. server2ldom1jboss connects to server2ldom1apache via its DNS name which is a NAT address. So webserver2 resolves to 10.10.2.5 which NATs to 10.10.1.5 behind the BigIP. webserver2 responds directly to the jboss zone rather than through the BigIP. Not good. server1ldom1apache works correctly as it's not a local zone.
Referring to this document, https://blogs.oracle.com/solarium/resource/solaris-container-guide-en-v3.1.pdf
section 5.2.7.8
"Connection of zones via external routers using the shared IP instance"
I've created the following routes
route add 10.10.2.5 10.10.1.5
route add 10.10.0.34 10.10.1.5 -interface -reject
route add 10.10.0.35 10.10.1.5 -interface -reject
route add 10.10.0.87 10.10.1.5 -interface -reject
route add 10.10.1.5 10.10.0.87 -interface -reject
route add 10.10.1.5 10.10.0.34 -interface -reject
route add 10.10.1.5 10.10.0.35 -interface -reject
This does prevent the zone to zone traffic, but it also preventing any response. I've tried other options as well, but have not been successful yet. What concerns me is this "These interfaces must not be used elsewhere in the global zone." The 5140 has 4 ethernet ports, which are configured into two port channels. vnet0 and vnet1. The apache instances use vnet1. The remaining zones use vnet0, including the global zone (server2ldom1 10.10.0.21). I think this may be the issue, but do not see an easy resolution without breaking my port channels and losing redundancy and fail-over.
If there is anything I'm missing or a better/different way to do this, I would greatly appreciate any input on this matter.
Thank you.
webserver2 10.10.2.5 NATs to 10.10.1.5
jboss apps 10.10.0.34, 10.10.0.35, 10.10.0.87
10.10.0.0/24 is the lan
10.10.1.0/24 is the network behind the BigIP
10.10.2.0/24 is the webserver network (in front of the BigIP)
[1658]root@server2:~# ldm list-bindings
NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
primary active -n-cv- SP 4 2G 1.1% 138d 5h
MAC
00:14:4f:ec:20:ff
HOSTID
0x84ec20b8
VCPU
VID PID UTIL STRAND
0 0 2.0% 100%
1 1 1.4% 100%
2 2 0.7% 100%
3 3 2.1% 100%
MAU
ID CPUSET
0 (0, 1, 2, 3, 4, 5, 6, 7)
MEMORY
RA PA SIZE
0x8000000 0x8000000 2G
VARIABLES
boot-device=/pci@0/pci@0/pci@2/scsi@0/disk@0,0:a disk net
keyboard-layout=US-English
nvramrc=devalias rootdisk /pci@0/pci@0/pci@2/scsi@0/disk@0,0:a devalias rootmirror /pci@0/pci@0/pci@2/scsi@0/disk@1,0:a
security-mode=none
security-password=
use-nvramrc?=true
IO
DEVICE PSEUDONYM OPTIONS
pci@0 pci
niu@80 niu
VCC
NAME PORT-RANGE
primary-vcc0 5000-5010
CLIENT PORT
group1@primary-vcc0 5000
group1@primary-vcc0 5000
VSW
NAME MAC NET-DEV DEVICE DEFAULT-VLAN-ID PVID VID MODE
primary-vsw0 00:14:4f:f9:ff:ff aggr1 switch@0 1 1
PEER MAC PVID VID
vnet0@ldom2 00:14:4f:fb:7b:ff 1
vnet0@ldom1 00:14:4f:fb:1a:ff 1
NAME MAC NET-DEV DEVICE DEFAULT-VLAN-ID PVID VID MODE
primary-vsw1 00:14:4f:fb:8e:ff aggr2 switch@1 1 1
PEER MAC PVID VID
vnet1@ldom1 00:14:4f:f8:17:ff 1
vnet1@ldom2 00:14:4f:f8:c2:ff 1
VDS
NAME VOLUME OPTIONS MPGROUP DEVICE
primary-vds0 ldom2_swap /ldoms/swap/server2ldom2
ldom2_root /dev/dsk/c4t600601601CE1210018F9E37BD2AADD11d0s2
ldom1_swap /ldoms/swap/server2ldom1
ldom1_root /dev/dsk/c4t600601601CE121007E02166CD2AADD11d0s2
CLIENT VOLUME
ldom2_swap@ldom2 ldom2_swap
ldom2_root@ldom2 ldom2_root
ldom1_swap@ldom1 ldom1_swap
ldom1_root@ldom1 ldom1_root
VCONS
NAME SERVICE PORT
SP
NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
ldom1 active -n---- 5000 30 15G 3.7% 192d 6h
MAC
00:14:4f:f8:a5:ff
HOSTID
0x84f8a5f5
VCPU
VID PID UTIL STRAND
0 4 0.4% 100%
1 5 0.3% 100%
2 6 0.1% 100%
3 7 4.4% 100%
4 8 0.2% 100%
5 9 0.2% 100%
6 10 14% 100%
7 11 0.1% 100%
8 12 8.1% 100%
9 13 0.1% 100%
10 14 0.1% 100%
11 15 0.1% 100%
12 16 0.3% 100%
13 17 0.1% 100%
14 18 0.1% 100%
15 19 0.1% 100%
16 20 0.3% 100%
17 21 0.6% 100%
18 22 0.3% 100%
19 23 0.1% 100%
20 54 1.0% 100%
21 55 0.5% 100%
22 56 1.2% 100%
23 57 0.2% 100%
24 58 4.5% 100%
25 59 0.9% 100%
26 60 0.0% 100%
27 61 0.1% 100%
28 62 0.1% 100%
29 63 0.3% 100%
MAU
ID CPUSET
1 (8, 9, 10, 11, 12, 13, 14, 15)
2 (16, 17, 18, 19, 20, 21, 22, 23)
6 (48, 49, 50, 51, 52, 53, 54, 55)
7 (56, 57, 58, 59, 60, 61, 62, 63)
MEMORY
RA PA SIZE
0x8000000 0x88000000 10G
0x401800000 0x6b1800000 5G
VARIABLES
auto-boot?=true
boot-device=ldom1_root:b
NETWORK
NAME SERVICE DEVICE MAC MODE PVID VID
vnet0 primary-vsw0@primary network@0 00:14:4f:fb:1a:ff 1
PEER MAC MODE PVID VID
primary-vsw0@primary 00:14:4f:f9:ff:ff 1
vnet0@ldom2 00:14:4f:fb:7b:ff 1
NAME SERVICE DEVICE MAC MODE PVID VID
vnet1 primary-vsw1@primary network@1 00:14:4f:f8:17:ff 1
PEER MAC MODE PVID VID
primary-vsw1@primary 00:14:4f:fb:8e:ff 1
vnet1@ldom2 00:14:4f:f8:c2:ff 1
DISK
NAME VOLUME TOUT DEVICE SERVER MPGROUP
ldom1_swap ldom1_swap@primary-vds0 disk@0 primary
ldom1_root ldom1_root@primary-vds0 disk@1 primary
VCONS
NAME SERVICE PORT
group1 primary-vcc0@primary 5000
NAME STATE FLAGS CONS VCPU MEMORY UTIL UPTIME
ldom2 active -n---- 5000 30 15000M 0.8% 192d 6h
MAC
00:14:4f:fa:e8:ff
HOSTID
0x84fae839
VCPU
VID PID UTIL STRAND
0 24 1.0% 100%
1 25 1.0% 100%
2 26 0.0% 100%
3 27 0.0% 100%
4 28 0.1% 100%
5 29 0.3% 100%
6 30 0.0% 100%
7 31 0.0% 100%
8 32 0.0% 100%
9 33 0.1% 100%
10 34 1.3% 100%
11 35 0.0% 100%
12 36 0.1% 100%
13 37 1.0% 100%
14 38 1.9% 100%
15 39 0.0% 100%
16 40 0.0% 100%
17 41 0.0% 100%
18 42 0.1% 100%
19 43 0.5% 100%
20 44 0.2% 100%
21 45 0.0% 100%
22 46 0.2% 100%
23 47 0.4% 100%
24 48 0.2% 100%
25 49 0.0% 100%
26 50 0.0% 100%
27 51 0.0% 100%
28 52 0.0% 100%
29 53 0.0% 100%
MAU
ID CPUSET
3 (24, 25, 26, 27, 28, 29, 30, 31)
4 (32, 33, 34, 35, 36, 37, 38, 39)
5 (40, 41, 42, 43, 44, 45, 46, 47)
MEMORY
RA PA SIZE
0x8000000 0x308000000 15000M
VARIABLES
auto-boot?=true
boot-device=/virtual-devices@100/channel-devices@200/disk@1:b ldom2_root
keyboard-layout=US-English
NETWORK
NAME SERVICE DEVICE MAC MODE PVID VID
vnet0 primary-vsw0@primary network@0 00:14:4f:fb:7b:ff 1
PEER MAC MODE PVID VID
primary-vsw0@primary 00:14:4f:f9:ff:ff 1
vnet0@ldom1 00:14:4f:fb:1a:ff 1
NAME SERVICE DEVICE MAC MODE PVID VID
vnet1 primary-vsw1@primary network@1 00:14:4f:f8:c2:ff 1
PEER MAC MODE PVID VID
primary-vsw1@primary 00:14:4f:fb:8e:ff 1
vnet1@ldom1 00:14:4f:f8:17:ff 1
DISK
NAME VOLUME TOUT DEVICE SERVER MPGROUP
ldom2_swap ldom2_swap@primary-vds0 disk@0 primary
ldom2_root ldom2_root@primary-vds0 disk@1 primary
VCONS
NAME SERVICE PORT
group1 primary-vcc0@primary 5000
[1657]root@server2ldom1:~# ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1z3
inet 127.0.0.1 netmask ff000000
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1z2
inet 127.0.0.1 netmask ff000000
lo0:3: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1z6
inet 127.0.0.1 netmask ff000000
lo0:4: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1jboss
inet 127.0.0.1 netmask ff000000
lo0:5: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1apache
inet 127.0.0.1 netmask ff000000
lo0:6: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
zone server2ldom1z1
inet 127.0.0.1 netmask ff000000
vnet0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 10.10.0.21 netmask ffffff00 broadcast 10.10.0.255
ether 0:14:4f:fb:1a:ff
vnet0:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1z2
inet 10.10.0.33 netmask ffffff00 broadcast 10.10.0.255
vnet0:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1z6
inet 10.10.0.36 netmask ffffff00 broadcast 10.10.0.255
vnet0:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1jboss
inet 10.10.0.34 netmask ffffff00 broadcast 10.10.0.255
vnet0:4: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1jboss
inet 10.10.0.35 netmask ffffff00 broadcast 10.10.0.255
vnet0:5: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1z1
inet 10.10.0.32 netmask ffffff00 broadcast 10.10.0.255
vnet0:6: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1z1
inet 10.10.0.74 netmask ffffff00 broadcast 10.10.0.255
vnet0:7: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
zone server2ldom1jboss
inet 10.10.0.87 netmask ffffff00 broadcast 10.10.0.255
vnet1: flags=1000842<BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 0.0.0.0 netmask 0
ether 0:14:4f:f8:17:ff
vnet1:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
zone server2ldom1z3
inet 10.10.1.101 netmask fffffc00 broadcast 10.10.47.255
vnet1:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
zone server2ldom1apache
inet 10.10.1.5 netmask fffffc00 broadcast 10.10.47.255
[1701]root@server2ldom1:~# zonecfg -z server2ldom1jboss info
zonename: server2ldom1jboss
zonepath: /zones/server2ldom1jboss
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
inherit-pkg-dir:
dir: /opt/sfw
inherit-pkg-dir:
dir: /opt/
net:
address: 10.10.0.34
physical: vnet0
defrouter: 10.10.0.1
net:
address: 10.10.0.35
physical: vnet0
defrouter: 10.10.0.1
net:
address: 10.10.0.87
physical: vnet0
defrouter: 10.10.0.1
attr:
name: comment
type: string
value: server2ldom1jboss
[1702]root@server2ldom1:~# zonecfg -z server2ldom1apache info
zonename: server2ldom1apache
zonepath: /zones/server2ldom1apache
brand: native
autoboot: true
bootargs:
pool:
limitpriv:
scheduling-class:
ip-type: shared
inherit-pkg-dir:
dir: /lib
inherit-pkg-dir:
dir: /platform
inherit-pkg-dir:
dir: /sbin
inherit-pkg-dir:
dir: /usr
inherit-pkg-dir:
dir: /opt/sfw
inherit-pkg-dir:
dir: /opt/
net:
address: 10.10.1.5/22
physical: vnet1
defrouter not specified
attr:
name: comment
type: string
value: server2ldom1apache
Edited by: coreyva on Feb 18, 2012 11:36 AM

After further research, I think the best course of action will be to create a VLAN for the zone behind the BigIP and then create the corresponding interface in the vlan and zone. Using this links as my references in case anyone is interested. I'll post what I come up with.
https://blogs.oracle.com/stw/entry/using_ip_instances_with_vlans
https://blogs.oracle.com/stw/entry/solaris_zones_and_networking_common
http://docs.oracle.com/cd/E19253-01/816-4554/816-4554.pdf # AdministeringVirtualLocalAreaNetworks
http://docs.oracle.com/cd/E19053-01/ldoms.mgr11/820-4913-10/820-4913-10.pdf # Assign VLANs to a Virtual Switch and Virtual
Network Device

Interzone communication with local defined zones

We have defined two local zones. The internal zone allows only to register from an private network. The other zone allows to register clients from all other zone. The gatekeeper is accessible through static nat from the outside.
Netmeeting clients from the different networks are registered in the right zone. Clients in the same zone can talk eachother. If we try to connect to an user in the other zone, we get a message that the specified user is not registerd in any zone.
Our question: How can users from one zone see other users in the other zone, and how can they connect ? Should the h323-id of the client have a suffix like the zone name?
gatekeeper
zone local internal internal.net 10.x.x.x
zone local external external.net
zone subnet internal 10.x.x.x/24 enable
no zone subnet internal default enable
no zone subnet external 10.x.x.x/24 enable
zone subnet external default enable
.use-proxy internal remote-zone external inbound-to terminal
use-proxy internal remote-zone external outbound-from terminal
no shutdown
Further the proxy function between the terminals of both zone is activated. the proxy interface is defined on the physical interface.

Some of these cisco documents could help you solve the problem.
Basic Two Zone Gateway - Gatekeeper Configuration
http://www.cisco.com/warp/public/788/voip/2zone_gw_gk.html
Configuring Basic Gatekeeper Call Admission Control
http://www.cisco.com/warp/public/788/voip/add_control_gk.html
Understanding Cisco IOS H.323 Gatekeeper Call Routing
http://www.cisco.com/warp/public/788/voip/gk-call-routing.html
Configuring a Cisco IOS H.323 Gateway for Use with Cisco CallManager
http://www.cisco.com/warp/public/788/AVVID/config_h323_ccm.html

Intermittent Routing between Shared IP Zones

I've setup a single machine with zones for apache and mail services which use the global zone's external data link. I've setup the zones as shared-ip zones:
zonename: apache
net:
     address: 192.168.0.1/24
     physical: bge1
     defrouter not specified
zonename: mail
net:
     address: 192.168.0.2/24
     physical: bge1
     defrouter not specified
The zones have their routing setup in the global some as such:
route add public apache -interface
route add public mail -interface
And the global ifconfig is as such:
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
     inet 127.0.0.1 netmask ff000000
lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
     zone mail
     inet 127.0.0.1 netmask ff000000
lo0:2: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
     zone apache
     inet 127.0.0.1 netmask ff000000
bge1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
     inet XXX.XXX.XXX.XXX netmask fffffff8 broadcast XXX.XXX.XXX.XXX
     ether 0:23:8b:aa:15:6b
bge1:1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
     zone mail
     inet 192.168.0.2 netmask ffffff00 broadcast 192.168.0.255
bge1:2: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
     zone apache
     inet 192.168.0.1 netmask ffffff00 broadcast 192.168.0.255
The global zone is configured with NAT to map and rdr between the global ip address and the zone's local ip address.
The configuration works and runs ok, but i keep getting connection timeouts about 50% of the time.
I've snooped the tcp connections from the global zone but they are going unanswered even though the zones are running and responding correctly. The ipmon log shows the same behaviour with in requests but no mapped out responses during the connection timeouts.
I think this might be a problem with routing between zones with shared-ip but i'm not sure what i can do to fix the problem?
I'm running Solaris 10 10/09.
Thanks,
Cam

sowmini wrote:
The zones have their routing setup in the global some as such:
route add public apache -interface
route add public mail -interfaceit's not clear what "apache" and "mail" are, in your example above: are these the IP addresses assigned to
each of the non-global zones? (I'm assuming "public" is a subnet that you want the NGZ's to reach?)
yes, apache and mail are the local hostname of the 2 zones which are running those services which is specified in /etc/hosts
apache is 192.168.0.1/24
mail is 192.168.0.2/24
public is the subnet of the global zone's only ip address and external network
>
The global zone is configured with NAT to map and rdr between the global ip address and the zone's local ip address.
The configuration works and runs ok, but i keep getting connection timeouts about 50% of the time.What does "netstat -s -P ip" show? that may tell you where the packets are sporadically getting dropped
Here's the output of running the command:
bash-3.00# netstat -s -P ip
IPv4 ipForwarding = 1 ipDefaultTTL = 255
ipInReceives =8454948 ipInHdrErrors = 0
ipInAddrErrors = 0 ipInCksumErrs = 0
ipForwDatagrams = 152 ipForwProhibits = 0
ipInUnknownProtos = 114 ipInDiscards = 3
ipInDelivers =64396846 ipOutRequests =6476680
ipOutDiscards = 0 ipOutNoRoutes = 238
ipReasmTimeout = 60 ipReasmReqds = 0
ipReasmOKs = 0 ipReasmFails = 0
ipReasmDuplicates = 0 ipReasmPartDups = 0
ipFragOKs = 0 ipFragFails = 0
ipFragCreates = 0 ipRoutingDiscards = 0
tcpInErrs = 3 udpNoPorts = 2435
udpInCksumErrs = 0 udpInOverflows = 0
rawipInOverflows = 0 ipsecInSucceeded = 0
ipsecInFailed = 0 ipInIPv6 = 0
ipOutIPv6 = 0 ipOutSwitchIPv6 = 0
i found this discussion on the networking forum which sounds very similar to what i'm seeing but i've tried to set a static arp for the public router but it doesn't seem to have made much difference:
Solaris Server timeouts
when all is working the media table looks like this:
bash-3.00# netstat -pn
Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
bge1 XXX.XXX.XXX.137 255.255.255.255 o 00:0c:31:ec:1b:01
bge1 192.168.0.1 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 192.168.0.2 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 XXX.XXX.XXX.138 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00
and then every half hour to an hour, the router gets dropped and the table is flushed out before getting re-created:
Net to Media Table: IPv4
Device IP Address Mask Flags Phys Addr
bge1 192.168.0.1 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 192.168.0.2 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 XXX.XXX.XXX.138 255.255.255.255 SPLA 00:23:8b:aa:15:6b
bge1 224.0.0.0 240.0.0.0 SM 01:00:5e:00:00:00

DNS ZONE Config on CSS

Hi All,
Is it possible to config DNS ZONE config on CISCO CSS.
Can anyone explain me what does this commands do
dns-server zone 1 tier1 "primary"
dns-server
dns-record a <Zone Name> <External IP> 1 single kal-icmp <VIP> 254 sticky-disabled weightedrr 1

How to Configure the CSS to Load Balance DNS Servers
http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a00801d015a.shtml
For example,Basically we need to enter the following commands:
Configure the DNS server zone for zone-based DNS. Specify the zone, tier number, and an optional text description:
- CSS (config)# dns-server zone 0 tier1 ""
Configure the CSS to act as a DNS server:
- CSS (config)# dns-server
Add the DNS records as needed:
- CSS (config)# dns-record a www.home.com 192.x.1.1 15 single kal-ap 172.x.25.1 50
sticky-enabled
Configure DNS as primary to point to itself:
CSS (config)# dns primary 172.x.1.90
(circuit VLAN1 - ip address 172.3x.1.90 / 24)
This is just an example but it is basically all you need to configure DNS on the box.
DNS configuration commands:
http://www.cisco.com/univercd/cc/td/doc/product/webscale/css/css_710/cmdrefgd/cmdglobc.htm#wp1104782
A different use on the box for DNS would be basically to load balance the DNS traffic
between DNS servers. This is however something different to configure on the box and more
details can be found here:

Updated Site Zones and AAM - Now Social features URLs are wrong... Sometimes?

So we just deployed the following SharePoint sites into production with the default site extended to the Extranet zone as followed:
Default - https://share.domain.com:444 - NTLM Auth
Extranet - https://share.domain.com - ADFS\SAML Claims Auth
Default - https://my.domain.com:444 - NTLM Auth
Extranet - https://my.domain.com - ADFS\SAML Claims
Default - https://search.domain.com:444 - NTLM Auth
Extranet - https://search.domain.com - ADFS\SAML Claims
The default zone is used for search only while all users access SharePoint through the Extranet zone. Search works fine when looking for documents and people. My issues start showing up in the social features.
For instance, if I click on the "Sites" link in the top bar I see the sites I follow along with the suggested sites. The URLs for the sites I follow are correct. However, the Suggested Sites all return the Default Zone URL. When I follow a document
or site however, the URL is always of the Default zone in my activity feed. Alerts for new content use the Default zone in the email; yet alerts for sharing approval use the correct Extranet zone. To top it off if I search for anything on any of
the sites, the URLs are correct for the zone I am in. Now here is the real crazy part. We have the same configuration in a Test domain deployment and everything works perfectly!?
Any ideas? The only thing different is that production goes through an F5 for both internal and external access. While test goes through a reverse proxy for external access and internal access goes straight to the WFE server.

Hi Nick,
For the Suggested Sites, we need to click the fresh button to fresh the sites, and then the URL for the sites will display with the corresponding zone URL.
For the alerts, it is a known issue in SharePoint.
The Immediate Alerts are sent based on the SiteURL column stored in the ImmedSubScriptions table of the content database.
This means that the alerts are sent based on the URL the user used when the subscription was made.
As a workaround so far, we need to add the zone for external users to the zone that allows cross firewall access.
https://bcplanning-public.sharepoint.com/Lists/Posts/Post.aspx?ID=279
http://sureshpydi.blogspot.com/2013/07/sharepoint-2013-configure-external.html
However, this workaround does not apply to Newsfeed notification emails.
Best regards.
Thanks
TechNet Community Support
Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact
[email protected]

Office Web Apps is HTTP, But, Want to change it to HTTPS - How ?

Forum,
We have deployed and configured a single Office Web Apps server farm to use HTTP, Using TechNet instructions e.g.:
New-OfficeWebAppsFarm -InternalURL "http://servername" -AllowHttp -EditingEnabled
New-SPWOPIBinding -ServerName <WacServerName> -AllowHTTP
Set-SPWOPIZone -zone "internal-http"
AllowOAuthOverHttp to True
And everything is working perfectly fine !
We now need to change it to use HTTPS and we have a certificate for that. But, Since it has been already configured with HTTP and it already has a configured binding, How can I change all this to HTTPS ?

you can try rebuilding the binding at SharePoint server -
https://technet.microsoft.com/en-us/library/ff431687
Remove-SPWOPIBinding -All:$true
New-SPWOPIBinding -ServerName <WacServerName>
Get-SPWOPIZone
// Take note of the WOPI zone that is displayed.
Set-SPWOPIZone -zone "external-https"
//If the results from Step 3 show that internal-https and the SharePoint farm is internal only, you can skip this step. If you have a SharePoint farm that’s internal and external, you need to run the following command to change the zone to external-https.
Or try by Rebuilding the OfficeWebApps Farm -
http://blogs.technet.com/b/office_web_apps_server_2013_support_blog/archive/2013/12/20/office-web-apps-2013-rebuild-your-farm-in-a-few-easy-steps.aspx
Take farm offline
Remove each machine (parent and child) from the farm
Recreate the farm - New-OfficeWebAppsFarm -InternalUrl "https://server.domain.com" -EditingEnabled -CertificateName *.domain.com
Rebuild the bindings on SharePoint Server : As explained above
Thanks
Ganesh Jat [My Blog |
LinkedIn | Twitter ]
Please click 'Mark As Answer' if a post solves your problem or 'Vote As Helpful' if it was useful.

What is the best solution to create SharePoint Extranet Application for existing windows web application ?

Hello,
At present my SharePoint farm is having following domains:
1) Internal Domain - Domain1
2) External Trusted Domain - Domain2
And Following Intranet WebApplications having Windows Mode Authentication:
1) http://mywebapp1.Domain1.com - Single site collection
2) http://mywebapp2.Domain1.com - Multiple site collections
3) http://mywebapp3.Domain1.com - Multiple site collections
Both Domain1 and Domain2 users are able to access above web applications.
Now , we have requirement to add other trusted domains Domain3 , Domain4...etc. and create Extranet Application and I have following questions :
What kind of topology and Authentication is required ?
AD as User Identity storage location is better way for all other domains since there is trust ?
Do I need to just extend all the web applications in extra net zone and create site collection for different domains to isolate security and content as per the need ?
Is there any other best solution to implement extranet application under current environment ?
what kind of other factors are important to consider in order to create extranet application ?
Your help will be highly appreciated.
Thanks and Kind Regards,
Dipti Chhatrapati

Hi Tom,
I have following information till now:
External domain will be trusted with parent domain where SharePoint is installed.
Authentication of external domain will be Windows Authentication.
User Identity storage location will be Active Directory of external domain.
Site to be accessed by external domain will be http://mywebapp1.Domain1.com
Now question is :
Should I assign external AD group ( Domain2ADGroups ) to SP Web Application http://mywebapp1.Domain1.com
OR
Should I extend the application in extranet zone for external domain and then assign permission to extended
application ?
I guess , if authentication is same then no need to extend the application - correct ?
Thank you to look at this thread !
Dipti Chhatrapati

Office Web Apps 2013: SSLOffLoad, Cannot connect Sharepoint.

Hi,
Background.
We have a 2 machine SharePoint 2013 farm and a 2 machine Office Web Apps Farm, both of which are behind a load balancer. Our public DNS holds the records for the two farms: webapps.company.com and sharepoint.company.com. However these domains are not in
the internal DNS and cannot be resolved internally. I've put these in the hosts file on the respective machines, so they can talk to each other.
I'm now at the point where I need to connect SharePoint to the OWA farm. I've followed the guide here: http://technet.microsoft.com/en-us/library/jj219455%28v=office.15%29.aspx
and setup the OWA farm by the specification under the heading "Deploy a multi-server, load balanced, office web apps server farm that uses HTTPS".
My creation string
New-OfficeWebAppsFarm -InternalUrl https://machinename.domain.com -ExternalUrl https://webapps.comapny.com -SSLOffloaded -EditingEnabled
That went ok and the farm is created. I then added the second machine
New-OfficeWebAppsMachine -MachineToJoin "machinename.domain.com"
Now that the farm is created i went ahead and ran
New-SPWOPIBinding -ServerName machinename.company.com
But that just gave me "WARNING: The Server did not respond. Trying again"
Adding the -AllowHttp flag let me continue, but that ended up giving me error when i created or opened a document in Sharepoint.
So my guess is that i need to figure out why i cannot use New-SPWOPIBinding -ServerName machinename.company.com without -AllowHTTP.
It was my understanding that we don't have to setup SSL on the individual farm server as the load balanser woudl take care of that.
Any ideas as to why New-SPWOPIBinding -ServerName machinename.company.com won't work?
Thank you for taking the time to read my post
Regards.

http://social.technet.microsoft.com/wiki/contents/articles/19039.sharepoint-2013-how-to-enable-office-web-apps-to-work-in-both-internal-and-external-environments.aspx
Because I’ve not configured my OWA machine to be published to the Internet so I have to use its Internet-public IP. It’s not a recommended best practice. In your case, the external URL would be http://owa.abc.com
. Above I’m not using SSL certificate
to encrypt data over the Internet. Just add CertificateName parameter if you want to use whether CA-issued certificate
or self-signed certificate. Finally, check both internal URL (http://app03/hosting/discovery
) and external URL (http://198.xxx.xxx.xxx/hosting/discovery
) to confirm everything is working
well. Your screen should display XML structure.
Now you need to re-bind all SharePoint machines to WAC farm using New-SPWOPIBinding (http://technet.microsoft.com/en-us/library/jj219441.aspx
). Next, you just need to set the WOPI
zone for external use even there is an internal use in your SharePoint environment.
1
Set-SPWOPIZone –zone “external-http”
Finally, configure Excel service and then upload an Excel workbook into a document library and check it. Below are the screenshots of OWA working on both internal and external environment.
http://blogs.technet.com/b/ken_prices_sharepoint_blog/archive/2014/01/15/explaining-the-use-of-internal-and-external-wopi-zones-for-office-web-apps.aspx
If this helped you resolve your issue, please mark it Answered

Solaris 10 (sparc) + ZFS boot + ZFS zonepath + liveupgrade

I would like to set up a system like this:
1. Boot device on 2 internal disks in ZFS mirrored pool (rpool)
2. Non-global zones on external storage array in individual ZFS pools e.g.
zone alpha has zonepath=/zones/alpha where /zones/alpha is mountpoint for ZFS dataset alpha-pool/root
zone bravo has zonepath=/zones/bravo where /zones/bravo is mountpoint for ZFS dataset bravo-pool/root
3. Ability to use liveupgrade
I need the zones to be separated on external storage because the intent is to use them in failover data services within Sun Cluster (er, Solaris Cluster).
With Solaris 10 10/08, it looks like I can do 1 & 2 but not 3 or I can do 1 & 3 but not 2 (using UFS instead of ZFS).
Am I missing something that would allow me to do 1, 2, and 3? If not is such a configuration planned to be supported? Any guess at when?
--Frank

Nope, that is still work in progress. Quite frankly I wonder if you would even want such a feature considering the way the filesystem works. It is possible to recover if your OS doesn't boot anymore by forcing your rescue environment to import the zfs pool, but its less elegant than merely mounting a specific slice.
I think zfs is ideal for data and data-like places (/opt, /export/home, /opt/local) but I somewhat question the advantages of moving slices like / or /var into it. Its too early to draw conclusions since the product isn't ready yet, but at this moment I'd only think off disadvantages.

Automatic vendor selection in PR

Hi,
we have one Scenario:
Our Client has 2 kind of customer divided on zone basis North and south. Requirement is like :
IF the Sales order comes comes from North zone customers : group company (A) will deliver the stock to the customer
and if Sales order comes from from South zone customer : External vendor (B) will deliver to the customer
After Sales order creation the PR will automatically generate by the system and based on the Customer zone (North and south) the system will automatically determine the vendor (A or B).
Please suggest how to Proceed with this scenario in SAP?
Thanks & Regards

Senario for A and B is different.
A - deliver stock to customer w.r.t sales order
B - Third party process.
you can not maintain ethier A or B automatically, not possible with standard configuration settings.
Go for ABAP development.

Creating a DNS Server on Oracle Linux 5.8 64 bit

Hi Guys,
I am creating a DNS host setup to resolve the SCAN IPs used in Oracle 11g R2 RAC. The Idea is to resolve 3 IP addres in a round robin fashion.
I am not a hard core linux admin just a DBA.
Please help me get a pointer to troubleshoot this issue.
ovmdnsbox is my DNS HOST going to be used by clusterhost1 and clusterhost2. Want to configure sangramkeshari.net as my domain.
ON ovmdnsbox
=====================
added entry in /etc/named.conf
zone "sangramkeshari.net" IN {
type master;
file "sangramkeshari.net.zone";
allow-update { none; };
zone "56.168.192.in-addr.arpa" in {
type master;
file "56.168.192.in-addr.arpa.zone";
[root@ovmdnsbox named]# pwd
/var/named
[root@ovmdnsbox named]# cat sangramkeshari.net.zone
$TTL 86400
@ IN SOA sangramkeshari.net. sangramkeshari.net. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
clusterhost-x-scan IN A 192.168.56.131
clusterhost-x-scan IN A 192.168.56.132
clusterhost-x-scan IN A 192.168.56.133
[root@ovmdnsbox named]# cat 56.168.192.in-addr.arpa
$ORIGIN 56.168.192.in-addr.arpa.
$TTL 1H
@ IN SOA sangramkeshari.net. root.sangramkeshari.net. ( 2
3H
1H
1W
1H )
56.168.192.in-addr.arpa. IN NS sangramkeshari.net.
131 IN PTR clusterhost-x-scan.sangramkeshari.net.
132 IN PTR clusterhost-x-scan.sangramkeshari.net.
133 IN PTR clusterhost-x-scan.sangramkeshari.net.
[root@ovmdnsbox named]# service named start
Starting named:
Error in named configuration:
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
my.internal.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.internal.zone/IN: loaded serial 1
slaves/my.ddns.internal.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.ddns.internal.zone/IN: loaded serial 1
zone sangramkeshari.net/IN: loaded serial 42
zone 56.168.192.in-addr.arpa/IN: loading master file 56.168.192.in-addr.arpa.zone: file not found
internal/56.168.192.in-addr.arpa/in: file not found
my.external.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.external.zone/IN: loaded serial 1
[FAILED]

SangramKeshariDash wrote:
Hi Guys,
I am creating a DNS host setup to resolve the SCAN IPs used in Oracle 11g R2 RAC. The Idea is to resolve 3 IP addres in a round robin fashion.
I am not a hard core linux admin just a DBA.
Please help me get a pointer to troubleshoot this issue.
ovmdnsbox is my DNS HOST going to be used by clusterhost1 and clusterhost2. Want to configure sangramkeshari.net as my domain.
ON ovmdnsbox
=====================
added entry in /etc/named.conf
zone "sangramkeshari.net" IN {
type master;
file "sangramkeshari.net.zone";
allow-update { none; };
zone "56.168.192.in-addr.arpa" in {
type master;Note filename below:
file "56.168.192.in-addr.arpa.zone";
[root@ovmdnsbox named]# pwd
/var/named
[root@ovmdnsbox named]# cat sangramkeshari.net.zone
$TTL 86400
@ IN SOA sangramkeshari.net. sangramkeshari.net. (
42 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS localhost
localhost IN A 127.0.0.1
clusterhost-x-scan IN A 192.168.56.131
clusterhost-x-scan IN A 192.168.56.132
clusterhost-x-scan IN A 192.168.56.133
Note filename here:
[root@ovmdnsbox named]# cat 56.168.192.in-addr.arpa
$ORIGIN 56.168.192.in-addr.arpa.
$TTL 1H
@ IN SOA sangramkeshari.net. root.sangramkeshari.net. ( 2
3H
1H
1W
1H )
56.168.192.in-addr.arpa. IN NS sangramkeshari.net.
131 IN PTR clusterhost-x-scan.sangramkeshari.net.
132 IN PTR clusterhost-x-scan.sangramkeshari.net.
133 IN PTR clusterhost-x-scan.sangramkeshari.net.
[root@ovmdnsbox named]# service named start
Starting named:
Error in named configuration:
zone localdomain/IN: loaded serial 42
zone localhost/IN: loaded serial 42
zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700
zone 255.in-addr.arpa/IN: loaded serial 42
zone 0.in-addr.arpa/IN: loaded serial 42
my.internal.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.internal.zone/IN: loaded serial 1
slaves/my.ddns.internal.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.ddns.internal.zone/IN: loaded serial 1
zone sangramkeshari.net/IN: loaded serial 42Note error message here:
zone 56.168.192.in-addr.arpa/IN: loading master file 56.168.192.in-addr.arpa.zone: file not found
internal/56.168.192.in-addr.arpa/in: file not found
my.external.zone.db:1: no TTL specified; using SOA MINTTL instead
zone my.external.zone/IN: loaded serial 1
[FAILED]

Zones unreachable externally

Similar Messages

Maybe you are looking for