Solaris 11.3: VB in a zone with bridged networking; zone network unreachable after VM shutdown

Discussions related to using VirtualBox on Solaris hosts.
TheBloke
Posts: 9
Joined: 10. Jun 2017, 01:51
Primary OS: Solaris
VBox Version: PUEL
Guest OSses: Windows 7, 10 64bit; Linux

Post by TheBloke »

Hi everyone

I'm running Solaris 11.3 (release repo, without a support contract at present.) The full OS version is Oracle Solaris 11.3.1.5.1 (pkg/entire version is 0.5.11-0.175.3.1.0.5.1.)

I am still in the testing phase, and so far have a single VM installed: Windows 7 Pro, 64bit.

Here's the issue: if I configure this VM with Bridged Networking, then when I shut down the VM all external network connectivity is lost to the non-global zone that runs it. I can't ping or SSH to the zone from my workstation and the zone can't ping out to other devices on the network. I can however ping it from its global zone and I can ping to/from other non-global zones. It seems to be purely external network traffic that is killed - anything that goes out onto the wire, in other words.

I have VirtualBox 5.1.22 installed and running in a non-global zone. I installed VirtualBox-5.1.22-SunOS-amd64-r115126.pkg first in the global zone then again in the non-global, and then I installed the extension pack in both places. I have added the three vbox device match entries in the zone's config. The virtualbox/zoneaccess service is running in the global zone.

The problem is completely repeatable: about 30 seconds after shutting down the VM I will lose all external access to the non-global zone that runs it. Networking is fine before I start the VM and while the VM is running. Reboots of the VM also don't cause problems. But shutting down the VM completely will always cause the problem.

I can't find any logs or messages in either the non-global zone or the global that correspond to this failure or explain it. There are practically no logs in the non-global at all. All network diagnostics appear fine. ipadm show-if and dladm show-link both show UP.

I have found that I can fix the problem in the non-global by deleting its IP interface and re-creating it along with its IP address, with the following commands:

Code:

ipadm delete-ip zone0
ipadm create-ip zone0
ipadm create-addr -T static -a 192.168.0.50/24 zone0/v4desktop1

As soon as I do this, pings resolve immediately and I can SSH into the zone externally again. So at least I can fix it, but of course it's highly undesirable to have to do this each time a VM shuts down.

The problem occurs identically when running the VM from the VirtualBox UI or from VBoxHeadless. It does not occur if the VM is configured with no network adapter or with a NAT adapter. It always happens when it's configured with a Bridged adapter.

Here is the zone's config:

Code:

create -b
set brand=solaris
set zonepath=/system/zones/%{zonename}
set autoboot=true
set autoshutdown=shutdown
set ip-type=exclusive
add fs
set dir=/export/home
set special=/export/home
set type=lofs
end
add anet
set linkname=zone0
set lower-link=net0
set configure-allowed-address=true
set link-protection=mac-nospoof
set mac-address=auto
end
add device
set match=/dev/vboxdrv
end
add device
set match=/dev/vboxdrvu
end
add device
set match=/dev/vboxusbmon
end

I am not running ipfilter or any other firewalling/NAT in either the global zone or the non-global.

Any help in diagnosing or resolving this would be much appreciated. Let me know if I can provide any further info. I am hoping it can be fixed, as Bridged networking is much more convenient for most of my use cases. I know I can plumb ports with NAT and I will probably have a go with that, but I am hoping I can get proper Bridged working so I can more easily get everything done that I need.

Thanks very much in advance.
Re: Solaris 11.3: VB in a zone with bridged networking; zone network unreachable after VM shutdown

Post by TheBloke »

Well I guess there's not so much Solaris traffic around here any more :) Shame.

Anyway for the record I thought I'd add that I've reverted to running VMs in the global, and that works fine. So it's definitely related to running a VM in a non-global.
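
The manual workaround quoted in the first post, wrapped in a check that only fires when an off-host probe fails. This is an added example, not part of the original thread: the link name, address and address object are the ones quoted in the post, while PROBE_HOST (192.168.0.1, constructed), PROBE_CMD, DRY_RUN, the function names and the script name heal.sh are assumptions.

```shell
#!/bin/sh
# Added example: wraps the manual fix quoted in the post in a reachability check.
# LINK, ADDR and ADDROBJ are the values from the post. PROBE_HOST is an assumed
# off-host address (constructed; the post does not name one).
LINK="${LINK:-zone0}"
ADDR="${ADDR:-192.168.0.50/24}"
ADDROBJ="${ADDROBJ:-zone0/v4desktop1}"
PROBE_HOST="${PROBE_HOST:-192.168.0.1}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print the commands instead of running them

# Print the three recovery commands, one per line, in the order the post gives.
recovery_commands() {
    printf 'ipadm delete-ip %s\n' "$LINK"
    printf 'ipadm create-ip %s\n' "$LINK"
    printf 'ipadm create-addr -T static -a %s %s\n' "$ADDR" "$ADDROBJ"
}

# Exit 0 if traffic gets out onto the wire. Default uses Solaris ping syntax
# ("ping host timeout"); set PROBE_CMD to substitute another check.
probe_external() {
    if [ -n "${PROBE_CMD:-}" ]; then
        $PROBE_CMD
    else
        ping "$PROBE_HOST" 2 >/dev/null 2>&1
    fi
}

# Returns 0 if the probe succeeds, 10 if the interface was re-created (or the
# commands were printed in dry-run mode), 1 if a recovery command failed.
heal_if_unreachable() {
    probe_external && return 0
    echo "probe of $PROBE_HOST failed; re-creating IP interface $LINK" >&2
    while IFS= read -r cmd; do
        if [ "$DRY_RUN" = 1 ]; then
            echo "DRY-RUN: $cmd"
        else
            $cmd || return 1
        fi
    done <<EOF
$(recovery_commands)
EOF
    return 10
}

# Run only when asked, e.g. "DRY_RUN=0 ./heal.sh --run" as root in the zone
# (heal.sh is a hypothetical script name).
if [ "${1:-}" = "--run" ]; then
    heal_if_unreachable
fi
```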