|
|
Sponsored Content
Operating Systems
Solaris
Basic Solaris static routing
Post 302178409 by jeffpas on Tuesday 25th of March 2008 11:34:00 AM
03-25-2008
|
|
10 More Discussions You Might Find Interesting
1. IP Networking
hi,
below is the situation:
my server is in 128.10.200.xxx network.
i have a solaris computer running in a subnet. this computer got 2 nic card.
1 is 172.18.198.xxx , another 1 is 10.100.xxx.11
there is a machine stick with this computer, ip is 10.100.xxx.12
so, 10.100.xxx.11 and... (3 Replies)
Discussion started by: kyhah
3 Replies
2. Solaris
Hello,
Iam having problems getting more then one ip to work here is my setup!
Hostname: nexus
NIC: e000g1
(example ips)
My ips 80.80.80.15 to 80.80.80.20
Defaultrouter 80.80.80.1
nameservers 80.80.80.100 and 80.80.80.200
How would i do this? Any help would be mutch appriciated!... (7 Replies)
Discussion started by: empty
7 Replies
3. Solaris
Hi,
I got problem of Sun Solaris 8 routing.
IP of SunA is 10.16.64.164, and have routing table:
10.16.64.0 10.16.64.164 U 1 19236 bge1
10.6.0.0 10.6.0.3 U 1 16534 bge0
224.0.0.0 10.6.0.3 U 1 ... (4 Replies)
Discussion started by: milo
4 Replies
4. Solaris
I have a SUN ultra 5 machine running Solaris 6. it has two ethernet interfaces qe0 192.168.0.111 and qe1 192.168.1.111
the two subnets are 192.168.0.111 255.255.255.0
192.168.1.111 255.255.255.0
the specified routes are
add route -net 192.168.0.0 255.255.255.0 192.168.0.111
add route... (3 Replies)
Discussion started by: adol65
3 Replies
5. Solaris
Hi,
I have cloned a SOLARIS 8 (BLADE 150) Hard Disk and have put into other system. So, now how do I configure the NIC and assign static IP for this new machine ? (8 Replies)
Discussion started by: angshuman_ag
8 Replies
6. Linux
Dear Sir
I am a newbie in the world of IP telephony. I have been working with Asterisk PBX (SIP) and Cisco Call Manager (MGCP) but now I am learning on how to work GNUGK for H.323 Gatekeeper.
I am having a problem, configuring static call routing on GNUGK
in the section
... (0 Replies)
Discussion started by: mfondoum
0 Replies
7. Solaris
ce0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 2
inet 10.162.212.132 netmask ffffff00 broadcast 10.162.212.255
ether 0:14:4f:55:82:9
ce1: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 index 3
inet 10.231.11.232 netmask... (3 Replies)
Discussion started by: busyboy
3 Replies
8. Solaris
Hello All,
Problem is that redundancy doesn't work, probably a routing issue I need to get sorted out When 172.29.11.x net is down, neither node3 nor node4 is trying 172.29.12.x network,The problem lies in network 172.29.13.x
if 172.29.11.x network is down, node3/node4 should route to... (6 Replies)
Discussion started by: nadeemahmed
6 Replies
9. Solaris
I have installed Solaris 11.2 in VMware Player, networked in bridged mode. When Solaris uses DHCP everything is OK, I can reach internet, as well as other systems on my LAN. When I switch to static, I have connections to my LAN, but can not get to internet, the DNS resolution is somehow not... (2 Replies)
Discussion started by: migurus
2 Replies
10. Solaris
We have 2 solaris 10 t5240 servers with static IP addresses on nxge0 I/F which were rebooted a few days back with a known good config that has been in place for years (for /etc/hosts, /etc/hostname.nxge0, /etc/netmasks, etc)
They are not using dhcp.
About the same time today, both of their... (7 Replies)
Discussion started by: hdatontodo
7 Replies
LEARN ABOUT CENTOS
ipsec_eroute
IPSEC_EROUTE(5) [FIXME: manual] IPSEC_EROUTE(5) NAME
ipsec_eroute - list of existing eroutes SYNOPSIS
ipsec eroute cat/proc/net/ipsec_eroute OBSOLETE
Note that eroute is only supported on the classic KLIPS stack. It is not supported on any other stack and will be completely removed in future versions. On the mast stack, use ipsec policy, on the netkey stack, use ip xfrm DESCRIPTION
/proc/net/ipsec_eroute lists the IPSEC extended routing tables, which control what (if any) processing is applied to non-encrypted packets arriving for IPSEC processing and forwarding. At this point it is a read-only file. A table entry consists of: + packet count, + source address with mask and source port (0 if all ports or not applicable) + a '->' separator for visual and automated parsing between src and dst + destination address with mask and destination port (0 if all ports or not applicable) + a '=>' separator for visual and automated parsing between selection criteria and SAID to use + SAID (Security Association IDentifier), comprised of: + protocol (proto), + address family (af), where '.' stands for IPv4 and ':' for IPv6 + Security Parameters Index (SPI), + effective destination (edst), where the packet should be forwarded after processing (normally the other security gateway) together indicate which Security Association should be used to process the packet, + a ':' separating the SAID from the transport protocol (0 if all protocols) + source identity text string with no whitespace, in parens, + destination identity text string with no whitespace, in parens Addresses are written as IPv4 dotted quads or IPv6 coloned hex, protocol is one of "ah", "esp", "comp" or "tun" and SPIs are prefixed hexadecimal numbers where the prefix '.' is for IPv4 and the prefix ':' is for IPv6 SAIDs are written as "protoafSPI@edst". There are also 5 "magic" SAIDs which have special meaning: + %drop means that matches are to be dropped + %reject means that matches are to be dropped and an ICMP returned, if possible to inform + %trap means that matches are to trigger an ACQUIRE message to the Key Management daemon(s) and a hold eroute will be put in place to prevent subsequent packets also triggering ACQUIRE messages. + %hold means that matches are to stored until the eroute is replaced or until that eroute gets reaped + %pass means that matches are to allowed to pass without IPSEC processing EXAMPLES
1867 172.31.252.0/24:0 -> 0.0.0.0/0:0 => tun0x130@192.168.43.1:0 () () means that 1,867 packets have been sent to an eroute that has been set up to protect traffic between the subnet 172.31.252.0 with a subnet mask of 24 bits and the default address/mask represented by an address of 0.0.0.0 with a subnet mask of 0 bits using the local machine as a security gateway on this end of the tunnel and the machine 192.168.43.1 on the other end of the tunnel with a Security Association IDentifier of tun0x130@192.168.43.1 which means that it is a tunnel mode connection (4, IPPROTO_IPIP) with a Security Parameters Index of 130 in hexadecimal with no identies defined for either end. 746 192.168.2.110/32:0 -> 192.168.2.120/32:25 => esp0x130@192.168.2.120:6 () () means that 746 packets have been sent to an eroute that has been set up to protect traffic sent from any port on the host 192.168.2.110 to the SMTP (TCP, port 25) port on the host 192.168.2.120 with a Security Association IDentifier of tun0x130@192.168.2.120 which means that it is a transport mode connection with a Security Parameters Index of 130 in hexadecimal with no identies defined for either end. 125 3049:1::/64 -> 0:0/0 => tun:130@3058:4::5 () () means that 125 packets have been sent to an eroute that has been set up to protect traffic between the subnet 3049:1:: with a subnet mask of 64 bits and the default address/mask represented by an address of 0:0 with a subnet mask of 0 bits using the local machine as a security gateway on this end of the tunnel and the machine 3058:4::5 on the other end of the tunnel with a Security Association IDentifier of tun:130@3058:4::5 which means that it is a tunnel mode connection with a Security Parameters Index of 130 in hexadecimal with no identies defined for either end. 42 192.168.6.0/24:0 -> 192.168.7.0/24:0 => %passthrough means that 42 packets have been sent to an eroute that has been set up to pass the traffic from the subnet 192.168.6.0 with a subnet mask of 24 bits and to subnet 192.168.7.0 with a subnet mask of 24 bits without any IPSEC processing with no identies defined for either end. 2112 192.168.8.55/32:0 -> 192.168.9.47/24:0 => %hold (east) () means that 2112 packets have been sent to an eroute that has been set up to hold the traffic from the host 192.168.8.55 and to host 192.168.9.47 until a key exchange from a Key Management daemon succeeds and puts in an SA or fails and puts in a pass or drop eroute depending on the default configuration with the local client defined as "east" and no identy defined for the remote end. 2001 192.168.2.110/32:0 -> 192.168.2.120/32:0 => esp0xe6de@192.168.2.120:0 () () means that 2001 packets have been sent to an eroute that has been set up to protect traffic between the host 192.168.2.110 and the host 192.168.2.120 using 192.168.2.110 as a security gateway on this end of the connection and the machine 192.168.2.120 on the other end of the connection with a Security Association IDentifier of esp0xe6de@192.168.2.120 which means that it is a transport mode connection with a Security Parameters Index of e6de in hexadecimal using Encapsuation Security Payload protocol (50, IPPROTO_ESP) with no identies defined for either end. 1984 3049:1::110/128 -> 3049:1::120/128 => ah:f5ed@3049:1::120 () () means that 1984 packets have been sent to an eroute that has been set up to authenticate traffic between the host 3049:1::110 and the host 3049:1::120 using 3049:1::110 as a security gateway on this end of the connection and the machine 3049:1::120 on the other end of the connection with a Security Association IDentifier of ah:f5ed@3049:1::120 which means that it is a transport mode connection with a Security Parameters Index of f5ed in hexadecimal using Authentication Header protocol (51, IPPROTO_AH) with no identies defined for either end. FILES
/proc/net/ipsec_eroute, /usr/local/bin/ipsec SEE ALSO
ipsec(8), ipsec_manual(8), ipsec_tncfg(5), ipsec_spi(5), ipsec_spigrp(5), ipsec_klipsdebug(5), ipsec_eroute(8), ipsec_version(5), ipsec_pf_key(5) HISTORY
Written for the Linux FreeS/WAN project <http://www.freeswan.org/> by Richard Guy Briggs. [FIXME: source] 10/06/2010 IPSEC_EROUTE(5)