Re: AIX routing

From: Mark Lamport (Mark.Lamport_at_KCMETRO.EDU)
Date: 04/28/04

  • Next message: Marcelino Mata: "Re: Correct procedure for restoring system image data" 
    Date:         Wed, 28 Apr 2004 10:10:38 -0500
To: aix-l@Princeton.EDU

    One interface is a webserver, its registered address is the address at the
    firewall. At the server it is another address which is resolved locally.
    Any traffic that comes through the firewall into the
    server must go back through the firewall. The inside firewall is the
    default gateway. If a remote user tries to connect via the other 2
    interfaces, it does not work because the packet is routed through the
    firewall. If I add a static route for a user coming in the other interfaces,
    they work but they can't come in to the webserver via the firewall because
    their packets will be routed by out the interface the static route was setup
    on. I agree, it appears all routing is done via destination address. I
    would like to route via destination and source or interface.

    AIX 5200-02

    ----- Original Message -----
    From: "John Jolet" <john.jolet@FXFN.COM>
    Newsgroups: bit.listserv.aix-l
    To: <aix-l@Princeton.EDU>
    Sent: Wednesday, April 28, 2004 9:49 AM
    Subject: Re: AIX routing

    > what are you trying to accomplish? you can have only one default
    > route. ALL ip routing on ALL unix variants and all routers is done by
    > destination ip address. what version of aix?
    >
    > Mark Lamport wrote:
    >
    > >I have a RS/6000 with 3 interfaces, one of which is connected to a
    firewall.
    > >It appears all AIX routing is performed by destination ip address. Is
    there
    > >a way to perform routing by interface? I have tried the smit route but
    > >appears only to add another entry in the routing table for the
    destination
    > >addess.
    > >
    > >thanks.
    > >
    > >Mark Lamport
    > >
    > >
    >

  • Next message: Marcelino Mata: "Re: Correct procedure for restoring system image data"

    Relevant Pages

    • Re: ftp problem
      ... > here is my whole firewall script ... > # No restrictions on Loopback Interface ... > # or from this gateway server destine for the public Internet. ... > # Allow out secure FTP, Telnet, and SCP ...
      (freebsd-questions)
    • Re: Checkpoint experiences
      ... decide they want the firewall used by the big boys...often repeated, ... The Nokia appliance IPSO, is useful if you don't want to take the ... It is no wonder that the Nokia interface is called ... > billions on training, and classes, consultants, support contracts, etc. ...
      (comp.security.firewalls)
    • Re: netmasks and subnets
      ... >> applies to your firewall forwarding which, ... it for X,Y,Z reasons), then sending through to an internal interface. ... is not really routing as you know it. ... the packets from one internal interface to another. ...
      (comp.os.linux.networking)
    • Re: Problem about ppp -nat
      ... ipfw firewall, ... Just setup your fw of choice as if the tun0 device is the external device and leave all the nat stuff completely out of it. ... My Internet interface is rl0, ... # /etc/rc.d/routing restart ...
      (freebsd-questions)
    • Re: Lets talk about firewalls - what do we as a group think a firewall should be/have?
      ... part of the same network as the LAN. ... Each interface of a firewall should be distinct from ... interfaces, so a "DMZ interface" is not a requirement. ...
      (comp.security.firewalls)