Find it

Tuesday, March 9, 2010

Solaris – Add/remove network interface to a running zone (dynamic Change)

Solaris – Add/remove network interface to a running zone (dynamic Change)

This will describe how to add a network interface to a running non-global zone, without having to reboot the zone. The new interface will persist between reboots.

First you add the entry to the zone configuration. This is the part that lets it persist between reboots. This is done from the global zone:

# zonecfg -z zone1
zonecfg:slabzone1> add net
zonecfg:slabzone1:net> set address=XXX.XXX.XX.XXX
zonecfg:slabzone1:net> set physical=bge0
zonecfg:slabzone1:net> end
zonecfg:slabzone1> verify
zonecfg:slabzone1> commit
zonecfg:slabzone1> exit

Now we have to manually add a new interface to the running zone. Do this from the global zone as well

# ifconfig bge0 addif XXX.XXX.XX.XXX netmask XXX.XXX.X.X zone zone1 up

Created new logical interface bge0:3

Note: The ‘addif’ tells ifconfig to create a logical interface using the next available.

# ifconfig -a
lo0:1: flags=2001000849 mtu 8232 index 1 inet netmask ff000000
bge0:1: flags=1000843 mtu 1500 index 2 inet XXX.XXX.XX.XXX netmask ffffff00 broadcast XXX.XXX.XX.XXX
bge0:3: flags=1000843 mtu 1500 index 2 inet XXX.XXX.XX.XXX netmask ffffff00 broadcast XXX.XXX.XX.XXX

That's it! you're done.

In case you want to remove the interface -

To remove the interface from a running zone. From the global zone, remove the interface. You must first determine which logical interface [alias] you wish to remove.

# ifconfig bge0:3 down
# ifconfig bge0:3 unplumb
# zonecfg -z zone1
zonecfg:slabzone1> remove net address=XXX.XXX.XX.XXX
zonecfg:slabzone1> commit
zonecfg:slabzone1> exit



  1. You can also use "ifconfig bge0 removeif XXX.XXX.XXX.XXX" to remove the interface.

    And your "ifconfig -a" output is missing the "zone" flag.

  2. Hi Anon,

    Thanks! good tip. BTW the zone flag is actualy not missing here, I took the ifconfig -a O/P from non-global zone. & if you execute the ifconfig -a from NGZ server then it does not have any zone flag.

    Thanks - Nilesh

  3. HI Nilesh, my name is mike and i have a t5240 sparc box trying to configure ipmp multipathing. As you know it comes with a quad nic and we have 1 interface going to switch a and another 1 interface going to switch b. However, I cannot get the link detection feature to work. Can you help.

    Thanks in Advance..


  4. link aggregations and IPMP support link-based detection failure, i.e. the health of an interface is determined from the state of the link reported by the driver.

    link-aggregation to increase bandwidth & IPMP to provide fault tolerance at the switch level.

    Answer to your query is - Doing trunking across multiple switches requires switches that support this mode of operation -- the switches will need to cooperate together to work as a single peer.


  5. Thanks for posting this. I made a mistake when creating a zone in reguards to the network interface. This really helps. Thanks!

  6. So, do you use the same IP address in the zonecfg as you do when runnign the ifconfgi from the global after the zonecfg add net is done?

    1. Yes, it's the same IP address for both.

  7. Thanks for this Dude!!! thanks a lot

  8. Amazing thing you post in this blog. It help me to solve my related problem. Nice bolg post.
    Visit :- zone 1 container

  9. That is a nice explanation, thanks. It seems however to be limited to zones of the type "shared IP". Is there any way to add a newly created VNIC to an "exclusive IP" zone? That is to say, without having to reboot the zone?

  10. login to zone and change the /etc/hostname.bg0 to /etc/hostname.bg1
    from global zone take backup of /etc/zone/zonename.xml
    and change the physical=bg0 to bg1 and save
    shutdown the zone
    zonecfg -z zonename verify
    boot the zone.