08-14-2012
bartus11,
Thanks for your help. The interface is shared but the IPs are not. This is why I was scratching my head. I may have to set it in both places.
9 More Discussions You Might Find Interesting
1. Solaris
I have a general question regarding Zone Migration.
I have an older system that is currently running a zone configured with ProFTPD & SSL.
If I want to migrate or clone that zone to another (much newer) system, will I still have to setup & configure ProFTPD & SSL on the new system? (3 Replies)
Discussion started by: em23
3 Replies
2. Solaris
OK I am running solaris 10.
I made some changes to my ipf.conf file and issued the command:
ipf -Fa -f /etc/ipf/ipf.conf
to flush out the old and bring in the new changes.
When I ran ipfstat -ioh to verify it had brought in the new rule set I saw something I wasn't expecting to see.
I... (3 Replies)
Discussion started by: NewSolarisAdmin
3 Replies
3. Solaris
Hi all,
i am new learner in Zoning and virtualization Technology and i have some question's about it
i create zone using this step
zonecfg -z app-apache
create
set zonepath=/zone_adm/app-apache
add net
set address=192.168.1.250
set physical=bge0
end
set autoboot=true
verify
commit... (13 Replies)
Discussion started by: coxmanchester
13 Replies
4. Solaris
I'm trying to enable IPF ( ip filter ) on solaris 10 release 6/06 Solaris 10 6/06 s10s_u2wos_09a SPARC
so i enabled svc:/network/ipfilter:default
it was disabled by default and svc:/network/pfil:default was enabled and online
there only one config file under etc
$/etc/ipf/ipf.conf
i... (1 Reply)
Discussion started by: h@foorsa.biz
1 Replies
5. Cybersecurity
I'm running IPF on solaris 10
bash-3.00# ipf -V #display ipf version
ipf: IP Filter: v4.1.9 (592)
Kernel: IP Filter: v4.1.9
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 1
Feature mask: 0x107
with the following rules
bash-3.00# ipfstat -o -i... (0 Replies)
Discussion started by: h@foorsa.biz
0 Replies
6. Solaris
I have two physical servers, with zones that mount local storage.
We were using "raw device" in the zonecfg to point to a metadevice on the global zone (it was not mounted in the global zone at any point).
It failed to mount on every boot because the directory existed in the zone.
I... (6 Replies)
Discussion started by: BG_JrAdmin
6 Replies
7. UNIX for Advanced & Expert Users
I've been going crazy trying to get this working. Here's the situation: we have a Solaris 10 box that connects an internal network to an external network. We're using ipf/ipnat on it. We've added a couple of new boxes to the internal network (192.168.1.100, .101) and want to be able to get to port... (1 Reply)
Discussion started by: spakov
1 Replies
8. Solaris
I have a question about losing a node in a zone cluster. Hopefully I can explain enough for someone to answer.
Let's say I have a zone cluster spread over 3 physical nodes. If Node1 crashes, would I be correct in assuming I would lose all zones on Node1?
If I lost Node1 below, would I lose... (4 Replies)
Discussion started by: MasonJ
4 Replies
9. UNIX for Advanced & Expert Users
Dear all,
recently, I migrated a solaris zone from one host to another. The zone was inside of a zpool. The zpool cotains two volumes.
I did the following:
host1:
$ zlogin zone1 shutdown -y -g0 -i0 #Zone status changes from running to installed
$ zpool export zone1
host2:
$ zpool... (2 Replies)
Discussion started by: custos
2 Replies
IPNAT(8) System Manager's Manual IPNAT(8)
NAME
ipnat - user interface to the NAT subsystem
SYNOPSIS
ipnat [ -dhlnrsvCF ] [ -M core ] [ -N system ] -f <filename>
DESCRIPTION
ipnat opens the filename given (treating "-" as stdin) and parses the file for a set of rules which are to be added or removed from the IP
NAT.
Each rule processed by ipnat is added to the kernels internal lists if there are no parsing problems. Rules are added to the end of the
internal lists, matching the order in which they appear when given to ipnat.
Note that ipf(8) must be enabled (with ipf -E) before NAT is configured, as the same kernel facilities are used for NAT functionality. In
addition, packet forwarding must be enabled. These details may be handled automatically when ipnat is run by rc at normal system startup.
See options(4), sysctl(8), and rc.conf(5) for more information.
OPTIONS
-C delete all entries in the current NAT rule listing (NAT rules)
-d Enable printing of some extra debugging information.
-F delete all active entries in the current NAT translation table (currently active NAT mappings)
-h Print number of hits for each MAP/Redirect filter.
-l Show the list of current NAT table entry mappings.
-n This flag (no-change) prevents ipf from actually making any ioctl calls or doing anything which would alter the currently running
kernel.
-r Remove matching NAT rules rather than add them to the internal lists.
-s Retrieve and display NAT statistics.
-v Turn verbose mode on. Displays information relating to rule processing and active rules/table entries.
FILES
/dev/ipnat
/usr/share/examples/ipf Directory with examples.
DIAGNOSTICS
ioctl(SIOCGNATS): Input/output error Ensure that the necessary kernel functionality is present and ipf enabled with ipf -E.
SEE ALSO
ipnat(5), rc.conf(5), ipf(8), ipfstat(8)
IPNAT(8)