SUMMARY: controlling source IP addresses ?
pascal at azoria.com
Sat Nov 18 07:55:23 EST 2006
As for what the question was, see the end of this mail. Briefly I wanted
to be able to control which source IP address an application would be
using or seem like coming from while several IPs were configured on the
NIC that the application was using on the server.
Many thanks to Aaron Lineberger, Dragos Stoichitescu, Andrew Mehlos,
James Abendschan for their time and answer. They suggested using the
"deprecated" flag with ifconfig. "man ifonfig" gives you:
Marks the logical interface as deprecated. An address
associated with a deprecated interface will not be used
as source address for outbound packets unless either
there are no other addresses available on the interface
or the application has bound to this address explicitly.
The status display shows DEPRECATED as part of flags.
See INTERFACE FLAGS for information on the flags sup-
ported by ifconfig.
I thought about this since I am already using IPMP here and there, but
unfortunately in my case setting deprecated on all other interfaces
except the one I want would cause other potential problems in my Veritas
cluster. So I cannot solve the issue with that feature and the only
solution I came upon is to ask developers to add a parameter in their
application so that, in case it is needed for some
installation/configuration, then one can have the application to bind to
a given IP number.
Again many thanks for you answer !
> Subject: controlling source IP addresses ?
> Hi all,
> I have already starting searching the net for that "issue" but since I am a
> bit short of time to investigate it I would appreciate if some of you
> already have solutions, ideas or pointers I could follow to speed up my
> I have a server with several NIC on Solaris 9. This NIC has several IPs, a
> primary IP set for example on ce0 and a few other IPs set on ce0:1,
> ce0:2 etc ... Those IPs except for the primary one are set dynamically when
> applications are brought up on the machine (I am using Veritas Cluster
> The issue I have is that, from an external point of view, connections seem
> to be coming from one of those IPs, but not necessarily the same.
> To be more specific, when a given application establishes connection to
> another service on another server, from that other server's perspective,
> requests seem to be coming for one of the IPs set on the remote NIC (ce0,
> ce0:1, ce0:2, ...) but that IP is not always the same from one connection to
> another over time.
> Question: is there anyway in Solaris (i.e. other than in the source
> application) to control that behavior and somehow make sure that connections
> always come from only one source IP (always the same) like for example from
> the primary IP set on a given NIC and not from the secondary IPs ? (ndd
> parameter ? ifconfig feature ? other ?)
> Many thanks in advance.
sunmanagers mailing list
sunmanagers at sunmanagers.org
More information about the summaries