Solaris 10 ip address of outgoing packets on logical interfaces

Similar Messages

• Routing outgoing packets over multiple interfaces?

  I have two network interfaces (eth0 and eth1) with separate IP addresses on the same subnet.  All outgoing traffic uses eth0 regardless of the interface the incoming traffic came in on.
  I assume the outgoing packets still have the correct source IP address (not always eth0's), and I'd like the packets to go out on the interface with the corresponding IP address.
  I think I have half the solution to my problem:
  http://www.novell.com/support/viewConte … Id=7000318
  The other half is that my IPs are dynamic, so ddclient could change my IPs and then the routing would be invalid.
  Last edited by MindlessXD (2009-02-10 07:06:16)

  Setup custom route tables to be used depending on the iptables conntrack marks below
  ip route flush table 1
  ip rule del fwmark 101 table 1
  ip route add table 1 default via <ETH0 IP ADDRESS>
  ip rule add fwmark 101 table 1
  ip route flush table 2
  ip rule del fwmark 102 table 2
  ip route add table 2 default via <ETH1 IP ADDRESS>
  ip rule add fwmark 102 table 2
  I'm not 100% sure if you can add a route via the interfaces IP address. This code has been modified from a box using 2 different ISP's so they have different upstream routers. You might need to replace the 'via' parts with 'src'
  # Ensure traffic in one interface goes back out the same interface
  iptables -t mangle -F PREROUTING
  iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
  iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT
  iptables -t mangle -A PREROUTING -i eth0 -m state --state NEW -j MARK --set-mark 101
  iptables -t mangle -A PREROUTING -i eth1 -m state --state NEW -j MARK --set-mark 102

• Intercepting outgoing packets with DLPI, or other means

  My company is porting a network traffic-monitoring application to Solaris. We would like to use the Solaris "DLPI" interface to receive packets for analysis. However, my understanding is that DLPI will only provide incoming packets addressed to the local machine. In order to receive outgoing packets also, I understand that DLPI requires that the application place the network interface in promiscuous mode, which we are loathe to do for efficiency reasons. Is there a way in Solaris 7 or 8 to use the DLPI interface to receive both incoming packets addressed to the local machine and also outgoing packets from the local machine? If not, is there some other means of accomplishing this short of writing our own device driver? Thank you.

  You are correct, the arp's come down like normal messages in DL_UNITDATA_IND
  You can see them in hmeudreq. If you look into the message, you will see two blocks (the second hanging off mp->b_cont), something like the following. I haven't tried decoding it all, but you can see the arp (0806) in there.
  blk=0 len=28:
  00 00 00 07 00 00 00 08 00 00 00 14 00 00 00 00
  00 00 00 00 ff ff ff ff ff ff 08 06
  blk=1 len=28:
  00 01 08 00 06 04 00 01 00 40 2e 33 ca 82 01 01
  01 01 ff ff ff ff ff ff 01 01 01 02
  which is an arp request for 1.1.1.2 from 1.1.1.1.
  Hope this helps.
  S.

• Logical interface in solaris 10

  Hi there,
  I need to configure logical interface in a solaris 10 3/05 server. After reading the Solaris 10 IP services manual, I am not quite sure what to do. All the examples and explanation are about using the new subcommand addif of ifconfig. It was not clear in the documentation if the setting logical interfaces via addif will persist across boot.
  Can one still configure logical interface in Solaris 10 in a more traditional way like in Solaris 8? In an Solaris 8 server I will do the following.
  Let's assume I want to configure in a solaris 8 server a logical interface named hme0:1 with IP address 192.168.20.28 with netmask 255.255.255.0 for hostname host001
  # cat /etc/hostname.hme0:1
  host001
  ^D
  # echo "192.168.20.28 host001" >> /etc/inet/hosts
  # echo "192.168.20.0 255.255.255.0" >> /etc/inet/netmasks
  # reboot -- -r
  Can one still do that in solaris 10 3/05 server?

  Hi there,
  I need to configure logical interface in a solaris 10
  3/05 server. After reading the Solaris 10 IP services
  manual, I am not quite sure what to do. All the
  examples and explanation are about using the new
  subcommand addif of ifconfig. It was not clear in the
  documentation if the setting logical interfaces via
  addif will persist across boot.No. No 'ifconfig' command is persistent.
  Can one still configure logical interface in Solaris
  10 in a more traditional way like in Solaris 8? In an
  Solaris 8 server I will do the following.
  Let's assume I want to configure in a solaris 8
  server a logical interface named hme0:1 with IP
  address 192.168.20.28 with netmask 255.255.255.0 for
  hostname host001
  # cat /etc/hostname.hme0:1
  host001
  ^D
  # echo "192.168.20.28 host001" >> /etc/inet/hosts
  # echo "192.168.20.0 255.255.255.0" >>
  /etc/inet/netmasks
  # reboot -- -r
  Can one still do that in solaris 10 3/05 server?Absolutely.
  You don't need to reboot (you can run ifconfig for this boot and let the files do the work next time) and the -r doesn't do anything with interfaces (expecially virtual interfaces) anyway.
  Darren

• Packet marking verification of outgoing packets for Immersive Endpoints TX, CTS Series

  Hi,
  Is there any way how to verify outgoing packet marking from TX and CTS Immersive systems on the system itself please?
  Can I find it somewhere in the logs? In which one please?
  I can see packet marking for incoming packets in Call Statistics but not for outgoing packets.
  CUCM config is EF for voice and AF41 for Video (verified at Telephony Settings) but I can see both audio and video incoming packets on other site as AF41.
  Any answer really appreciated.
  Regards,
  Josef

  As Chris said, use something with port mirroring to be sure.
  There is also a capture cpapability on the CTS / TX systems, please see the cli guide
  utils network capture
  utils network capture [dest ip-address-or-hostname]
  [host [ ip | arp | rarp | tcp | udp | all]://ip-address-or-hostname] [page][numeric][hex][file][count number][size number][port number] [src ip-address-or-hostname]
  Syntax Description
  count number dest
  ip-address-or-hostname file
  hex
  host
  protocol://ip-address-o r-hostname
  numeric page
  port number size number
  src
  ip-address-or-hostname
  Optional. Number count of packets to capture. Maximum count is 1000 for file, 10000 for screen.
  Optional. Source address of the packet as a dotted IP or hostname.
  Optional. Sends capture output to a file (netCapture).
  Optional. Shows output in hex and ascii.
  Optional. The all keyword specifies all protocols. ip-address-or-hostname is the host address of the packet and can be a dotted IP or hostname. The :// is required between the protocol and IP address or host name.
  Optional. Show hosts as dotted IP addresses.
  Optional. Pauses output.
  Optional. Port number of the packet (either src or dest).
  Optional. Number of bytes of the packet to capture. Maximum size is 1024. Optional. Source address of the packet as a dotted IP or hostname.

• How to use the same email address for outgoing email on two iPads?

  How to use the same email address for outgoing email on two iPads?.   My wife and I both use the same email address.  We receive the same incoming email on both iPads but are unable to send email from my wife's iPad.  She is using an iPad 2 and is usng IOS 6.0.1

  Hi Creaturekeeper,
  If you've added the account into the iPad and you are unable to send email from it, then please follow the troubleshooting in the article below.
  Get help with Mail on iPhone, iPad, and iPod touch - Apple Support
  Take care,
  Alex H.

• DSCP (Differentiated Services Code Point) value always set to '0' for outgoing packet on win 7

  DSCP (Differentiated Services Code Point)
  value always set to ‘0’ for outgoing packet on win 7
  I have setup – Controller (Win 7) and Responder (Win XP)
  In controller I setup DSCP value to something – ‘50’ (in hex 0x32) and perform RTP call
  Then I sniff packets using ‘Wireshark’ where I found DSCP value from Controller to Responder not able to set but which is able to set in packet from Responder to Controller.
  Controller to Responder
  Responder to Controller
  When I run same application under same network, where Controller and Responder are having Win XP, then DSCP value appear in layer 3 protocol.
  When I googled then learned I need to do some registry changes mentioned in below links -
  http://technet.microsoft.com/en-us/library/cc758910(WS.10).aspx
  http://support.microsoft.com/kb/2733528/en-us
  But this solution did not help to resolve my problem.
  Later I did followed changed in Local Group Policy Editor but which was also fruitless.
  I do not want to set some fix DSCP value for all outgoing traffic, as my application has provision to take an input for DSCP value from user.
  http://technet.microsoft.com/en-us/library/cc771283.aspx

  Hi,
  I'll involved another engineer who had more knowledge with your problem. Thanks for your understanding.
  Roger Lu
  TechNet Community Support

• Need assistance in creating a logical interface in PIX 7.2

  Hi,
  I've recently upgraded my pix 525 from 6.3 to 7.2. Now I need to take a spare interface (ethernet4) enable this interface and create sub interfaces to use to communicate to my inside network by mapping to inside vlans.
  In 6.3, I would do the following (example)
  niterface ethernet4 vlan240 logical
  nameif vlan240 PROD security 25
  ip address PROD 192.168.1.2 255.255.255.0
  Now that the 7.2 command set is really different and I do not have a test PIX to test with, I'm hoping that someone would have an example for me.
  Goal: My remote location (VPN/GRE) needs to communicate to my local networlk. But, I am not advertising this subnet in ospf. I want to map an advertised IP to this inside non-advertised IP. Setting up a logical interface is how I can achieve this.
  Please advise with samples.
  Regards
  jeff

  Hi,
  I think this will help :-
  http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/conf_gd/general/intrface.htm#wp1044006
  Regards,
  Vivek

• Zone with multiple logical interfaces

  Hi,
  How can multiple logical network interfaces be added to a running zone?
  I have configured and installed a whole root zone with one shared-ip network interface.
  Now, I need to add more logical interfaces to the same zone.
  On a physical server with a bge interface, I would create a /etc/hostname file for each logical interface such as
  $ ls /etc | grep host
  hostname.bge0
  hostname.bge0:1
  hostname.bge0:2
  hostname.bge0:3
  hostname.bge0:4
  hostname.bge1
  hostname.bge1:1
  hostname.bge1:2
  hostname.bge1:3
  hostname.bge3
  hosts
  $How can the above be done for a zone?

  Hi
  This requires 2 steps. Firstly update your zone configuration to add the logical interface and its associated IP address.
  Assuming from below you want the logical interface to be added to bge0 then do the following replacing the zonename and ip address for whatever is appropriate for you.
  # zonecfg -z itchyzone
  zonecfg:itchyzone1> add net
  zonecfg:itchyzone1:net> set address=192.168.1.21
  zonecfg:itchyzone1:net> set physical=bge0
  zonecfg:itchyzone1:net> end
  zonecfg:itchyzone1> exitYou can do the above as many times as you like to create multiple logical interfaces for the zone.
  After doing the above you will need to reboot the zone to get the new logical interface.
  However if you cant reboot the zone you can plumb a logical interface into the zone by running something similar to the following (change for your zonename, IP etc) from the global zone:
  # ifconfig bge0 addif 192.168.1.21 netmask + broadcast + zone itchyzone1 upyou will now have an extra interface in the zone (in this case called itchyzone1). To verify, login to the zone and run ifconfig -a and you will see your new interface.
  # zlogin itchyzone1
  [Connected to zone 'itchyzone1' pts/4]
  Last login: Mon Oct  5 22:24:15 on pts/4
  Sun Microsystems Inc.   SunOS 5.10      Generic January 2005
  # ifconfig -a
  lo0:1: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
          inet 127.0.0.1 netmask ff000000
  bge0:2: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
          inet 192.168.1.20 netmask ffffff00 broadcast 192.168.1.255
  bge0:3: flags=201000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4,CoS> mtu 1500 index 2
          inet 192.168.1.21 netmask ffffff00 broadcast 192.168.1.255Hope this helps
  Martin

• Number of logical interface

  Hi all,
  How can i programatically get the total number of logical interfaces that are added to a particular interface ???
  thanks,
  rakesh

  Hi,
  Yes i am talking about the Logical interface. Considering that my n/w interface is "le0", i want to programatically determine what are the locial interfaces that are attached to it (i.e le0:1, le0:5.....etc)
  thanks,
  rakesh

• Why "mac-address-table static 0000.0c07.ac01 interface FastEthernet1/0 vlan 3" in the router ?

  Hi All
  I did not type the following command. Why does it appear when I show run ? Which command can cause the issue? Thank you
  mac-address-table static 0000.0c07.ac01 interface FastEthernet1/0 vlan 3

  Hello,
  It looks as if you have HSRP configured.  Mac address 0000.0c07.ac01 is the HSRP virtual mac address.  01 at the end of the mac represents the HSRP group number.
  Hope this helps,
  Please rate helpful answers.
  Thanks.

• STP Logical Interfaces, virtual ports

  As you probably know one have to take in account the max available numbers of virtual ports and logical interfaces for Spanning Tree when designing a switched network based on catalyst 6500's. Does somebody know if you also have these parameters if you're designing a network based on 4500's or 3750 stacks? And where to find it on the Cisco site
  Rgrds

  My issue deals with Spanning Tree Protocol or better the scalability of STP. see the following document:
  http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/ol_4164.htm#wp26366
  For choosing the right spanning tree protocol (RPVST+ or MST) you have to take logical interfaces and virtual ports into account on the 6500 platform. But what if you decide to use a different platform, for instance a 3750 stack.
  Rgrds
  Aad

• Airport Extreme is messing up with IP-ID of outgoing packets

  Can someone from the kernel team at apple explain me why are they tampering with the IP-ID in the outgoing IP packets of the Air Extreme. Packets sent with IP-ID x and the device is stamping an IP-ID y after the packet gets forward to the Internet. This is really bad and screws up several diagnostic tools that rely on IP-ID to match queries.
  Cheers --RIcardo

  Hello brian cooper. Welcome to the Apple Discussions!
  For some reason the 802.11n AirPort Extreme Base Station (AEBSn) is not recognizing the modem and is unable to find the DHCP server in order for it to get a proper IP address from your ISP.
  I would start by performing a complete power recycle of your networking equipment to see if that gets them communicating again.
  Please try the following:
  o Power-down the modem, AEBSn, and computer(s); wait at least 10-15 minutes. (Note: Power-down order is not critical.)
  o Power-up the modem; wait at least 10-15 minutes.
  o Power-up (plug into power) the AEBSn; wait at least 5-10 minutes.
  o Power-up the computer(s).
  Computers connected to the AEBSn, either by wire or wireless, should now have Internet access.
  If this doesn't resolve the issue, I suggest that you perform a "hard" reset on the AEBSn, and then, go through the power recycle again. To do this properly, first power-down all of the equipment; perform the reset; re-power-down the AEBSn, and then, power-up the modem, AEBSn, and computers in order.
  If this still doesn't work, I would recommend changing the Ethernet cable to rule out any issues with it.
  Finally, if this doesn't work, the AEBSn may have a faulty WAN port or some other problem. The option then would be to take it to your local Apple store to confirm any problems.

• Solaris 8, 9, and 10 zones in logical domains

  We are planning to migrate our current environment to T5-2.
  Current application environment is running with Solaris 8, 9 and 10 OS versions in V8* series and M5000.
  Our plan is to install multiple logical domains in T5-2 with Solaris 10 or 11 and migrate the current running Solaris 8, 9 and 10 servers as zones. Plan is to create the flash using flar and restore in the target T5-2.
  Will there be any issue with the said OS versions on migration?
  Please suggest.

  Lars,
  Use ldmp2v to convert existing physical server to VM  and
  Convert Solaris 8 and 9 physical servers to container in Solaris 10 VM?
  Is that what you are saying?
  Major constraint I have is, applications running in the current physical servers have no vendor support, vendor doesn't exist any more. Application has been locked to run only on the same OS version. What I am worried is, while running ldmp2v should not prevent the application coming up in the new virtualized environment. Keeping that in mind, I gave a thought like
  1. Install and configure the CDOM (control domain)
  2. configure and Install LDOMs with Solaris 10 OS
  3. Run flar on the existing Solaris 10 physical server
  4. Transfer the flar created to Solaris 10 LDOM and configure it as a zone
  5. For Solaris 8 and 9, create LDOMs with Solaris 10 OS
  6. Install additional patches and packages needed for supporting Solaris 8 and 9 zones
  6. create flar images on the existing Solaris 8 and 9 physical servers
  7. transfer the images to newly created LDOM and configure the zone.
  8. Current servers sun4u which has to be converted to sun4v.

• Setting up a different email address for outgoing emails from Iphone

  I receive all my incoming emails to my iPhone through my @me.com account (mobileme).  This way I can have all my other email accounts set up to automatically send an email to my mobile me account which in turn gets pushed to my iPhone.  But I want to be able to respond to any email using a differnet email address so subsequent replies from third parties to my emails will not go directly to my mobile me account. (I just want to use it as push server for emails to other accounts).  So what I did is to have my incoming email server be a mobile me account.  On my iPhone I turned off the primary server "smtp.me.com" as the outgoing server and turned on an "other" outgoing server.  But here is the problem and the question.  I can successfuly send out replies using the "other" server but the address of sender on the email is still as being from my @me.com.  So how do I have a different email address for the outgoing emails even though I can use that different email address outgoing server.  Hope this explanation is not too difficult.

  Hi Steve
  is Mail - Preferences - Composing - Send new messages from...
  set to the required account ?