Hi,

I have a V240 connected to two different subnets, and I want to be able to specify a different default route for each interface. If I don't have a /etc/defaultrouter I end up with

default 163.1.13.254 UG 1 6 bge1
default 163.1.62.254 UG 1 3 bge0

which is what I want. However, I'd like to do this without relying on router broadcasts, but I can't figure out how to do this. Is it even possible?

Thanks
- Ian

--
Ian Chard, Unix & Network Administrator | E: ian.chard@sers.ox.ac.uk
Systems and Electronic Resources Service | T: 80587 / (01865) 280587
Oxford University Library Services | F: (01865) 204937

Ian Chard wrote:
>
> Hi,
>
> I have a V240 connected to two different subnets, and I want to be able
> to specify a different default route for each interface. If I don't
> have a /etc/defaultrouter I end up with
>
> default 163.1.13.254 UG 1 6 bge1
> default 163.1.62.254 UG 1 3 bge0
>
> which is what I want. However, I'd like to do this without relying on
> router broadcasts, but I can't figure out how to do this. Is it even
> possible?
>
> Thanks
> - Ian
>
> --
> Ian Chard, Unix & Network Administrator | E: ian.chard@sers.ox.ac.uk
> Systems and Electronic Resources Service | T: 80587 / (01865) 280587
> Oxford University Library Services | F: (01865) 204937

Touch /etc/notrouter and terminate in.routed. The file's existence will prevent in.routed from starting.

Ben <ben@en-ninguna-parte.com> writes:
> Ian Chard wrote:
>> Hi,
>>
>> I have a V240 connected to two different subnets, and I want to
>> be able to specify a different default route for each
>> interface. If I don't have a /etc/defaultrouter I end up with
>>
>> default 163.1.13.254 UG 1 6 bge1
>> default 163.1.62.254 UG 1 3 bge0
>>
>> which is what I want. However, I'd like to do this without
>> relying on router broadcasts, but I can't figure out how to do
>> this. Is it even possible?
>
> Touch /etc/notrouter and terminate in.routed. The file's
> existence will prevent in.routed from starting.

Note that this will also (and primarily) disable IP forwarding in the kernel by forcing the ip_forwarding parameter to 0; it is normally set to 1 if more than one interface (excluding loopback) is configured for IPv4 (see /etc/init.d/inetinit on Solaris <= 9).

So this will have an additional (and rather drastic) side effect on the system's IP configuration (which may either break or fix the setup, depending on what the system is supposed to do in the first place).

--
Stefan Jankowski
Sysadmin, University of Freiburg, CS Dpt.
s/spambucket// s/dave\.null/${FORENAME}.${LASTNAME}/

Ben wrote:
> Ian Chard wrote:
>
>>Hi,
>>
>>I have a V240 connected to two different subnets, and I want to be able
>>to specify a different default route for each interface. If I don't
>>have a /etc/defaultrouter I end up with
>>
>>default 163.1.13.254 UG 1 6 bge1
>>default 163.1.62.254 UG 1 3 bge0
>>
>>which is what I want. However, I'd like to do this without relying on
>>router broadcasts, but I can't figure out how to do this. Is it even
>>possible?
>
> Touch /etc/notrouter and terminate in.routed. The file's existence will
> prevent in.routed from starting.

My fault for being vague :-)

If I don't run in.routed, I can't replicate the above configuration: if I add both default routers, they aren't tied to interfaces (i.e. the sixth column is empty), and all packets used the first default route in the table.

- Ian

--
Ian Chard, Unix & Network Administrator | E: ian.chard@sers.ox.ac.uk
Systems and Electronic Resources Service | T: 80587 / (01865) 280587
Oxford University Library Services | F: (01865) 204937

Ian Chard <ian.chard@sers.ox.ac.uk> writes:
> My fault for being vague :-)
>
> If I don't run in.routed, I can't replicate the above configuration:
> if I add both default routers, they aren't tied to interfaces (i.e. the
> sixth column is empty), and all packets used the first default route
> in the table.

You'll need to write your own start-up script that does 'route add' with the '-ifp' option to accomplish that. (A future release will have a static route configuration feature, but no current release does.)

(As an aside, if it works fine with regular routing, why would you want to hard-code it into a configuration file? Doing so just means that this machine, and all others like it, will need to be modified the next time the network topology changes. That seems like an operational problem to me ...)

--
James Carlson, KISS Network <james.d.carlson@sun.com>
Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677

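A sketch of the start-up script suggested in the post above, as an added example that is not part of the original thread: it validates each interface/gateway pair before building a 'route add default <gateway> -ifp <interface>' command, since the script runs as root at boot. The ROUTES table (constructed from the addresses quoted in the thread), the DRY_RUN switch and the function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: static per-interface default routes, so in.routed is not needed.
# ROUTES is constructed sample input ("interface gateway" per line) using the
# addresses quoted in the thread.
ROUTES="bge1 163.1.13.254
bge0 163.1.62.254"
DRY_RUN=${DRY_RUN:-1}   # assumption: set DRY_RUN=0 on the real host to execute

# Accept only a dotted quad with four octets in 0-255.
valid_ipv4() {
    case "$1" in ""|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Accept only driver name plus instance number (bge0), nothing a shell could interpret.
valid_ifname() {
    case "$1" in
        ""|*[!a-z0-9]*|[0-9]*) return 1 ;;
        *[0-9]) return 0 ;;
    esac
    return 1
}

# Print one 'route add ... -ifp' command per valid entry; return 1 if any entry is bad.
route_cmds() {
    rc=0
    while read -r ifname gw extra; do
        [ -n "$ifname" ] || continue
        if [ -z "$extra" ] && valid_ifname "$ifname" && valid_ipv4 "$gw"; then
            echo "route add default $gw -ifp $ifname"
        else
            echo "skipping bad entry: $ifname $gw $extra" >&2
            rc=1
        fi
    done <<EOF
$ROUTES
EOF
    return $rc
}

# Print the commands (dry run) or run them; fields were validated above.
apply_routes() {
    route_cmds | while read -r cmd; do
        if [ "$DRY_RUN" = 1 ]; then echo "$cmd"; else $cmd; fi
    done
}
apply_routes
```
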
In article <xoavy8alew49.fsf@sun.com>, James Carlson <james.d.carlson@sun.com> wrote:
>(As an aside, if it works fine with regular routing, why would you
>want to hard-code it into a configuration file? Doing so just means
>that this machine, and all others like it, will need to be modified
>the next time the network topology changes. That seems like an
>operational problem to me ...)

Our network topology rarely changes and when it does there is almost always prior notice and an expectation of at least some service interruption.

For simple, relatively static networks I see having to edit a config file preferable and more secure than a constantly running root priv'ed daemon that listens to the network for routing info.

--
Jim Prescott - Computing and Networking Group jgp@seas.rochester.edu
School of Engineering and Applied Sciences, University of Rochester, NY

jgp@harn.ceas.rochester.edu (Jim Prescott) writes:
> Our network topology rarely changes and when it does there is almost
> always prior notice and an expectation of at least some service
> interruption.
>
> For simple, relatively static networks I see having to edit a config
> file preferable and more secure than a constantly running root priv'ed
> daemon that listens to the network for routing info.

You can enable authentication if security is an issue there.

Does that mean you don't run name services such as DNS, because those can be spoofed? What about ARP?

Or is it just the concern that in.routed runs as root and receives packets -- and thus we had to be very careful in design and testing to make sure it can't be compromised? If that's the issue, then it could be run on S10 with limited privileges, but I suppose I see your point.

--
James Carlson, KISS Network <james.d.carlson@sun.com>
Sun Microsystems / 1 Network Drive 71.234W Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757 42.497N Fax +1 781 442 1677

James Carlson wrote:
>>If I don't run in.routed, I can't replicate the above configuration:
>>if I add both default routers, they aren't tied to interfaces (i.e. the
>>sixth column is empty), and all packets used the first default route
>>in the table.
>
>
> You'll need to write your own start-up script that does 'route add'
> with the '-ifp' option to accomplish that.

Excellent -- many thanks, that's exactly what I was looking for.

> (As an aside, if it works fine with regular routing, why would you
> want to hard-code it into a configuration file? Doing so just means
> that this machine, and all others like it, will need to be modified
> the next time the network topology changes. That seems like an
> operational problem to me ...)

Covered elsewhere in the thread I think. I personally hate using router broadcasts, as they tend to cause odd problems (just last week I had a machine drop off the network because of a change on a bridging firewall that had the side effect of blocking said broadcasts).

- Ian

--
Ian Chard, Unix & Network Administrator | E: ian.chard@sers.ox.ac.uk
Systems and Electronic Resources Service | T: 80587 / (01865) 280587
Oxford University Library Services | F: (01865) 204937
|
|