niXforums Forum Index
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   PreferencesPreferences   Log in to check your private messagesLog in to check your private messages   Log inLog in 
·  nixdoc.net ·  man pages ·  Linux HOWTOs ·  FreeBSD Tips ·  Forums
navigation Forum index » *nix » SGI/IRIX » admin
dual-homed Irix host
Post new topic   Reply to topic Page 1 of 1 [2 Posts] View previous topic :: View next topic
Author Message
Walter Roberson
*nix forums Guru


Joined: 19 Feb 2005
Posts: 1300

PostPosted: Mon Jan 02, 2006 8:00 pm    Post subject: Re: dual-homed Irix host Reply with quote
In article <Pine.GSO.4.61.0601021427250.28426@rose.man.poznan.pl>,
Miroslaw Kupczyk <miron@man.poznan.pl> wrote:
Quote:
We have dual-homed irix host with worldwide visible IPs. The host is just
'ordinary' one, not a firewall, not a router. From 'the world' it can be
reached via two IPs both - better for the traffic ballance. How to
configure network in order to have the answer from exactly the same
interface which was requested through ICMP. Default routing is set to one
of the interfaces and it produces discrepancies: source gets the response
from other destination when tested non-default interface. Any help ?

You cannot do that through any IRIX mechanism that I can think of.
It would require routing the packets to an interface chosen based
upon the -source- IP in the packet -- since there is no way to
tag a packet according to which interface it came in on and then
to demand that "replies" to the packet go out the interface indicated
by the tag. Even routing according to the packet source usually
doesn't work the way you would want, and you run into a bunch of issues
having to do with network failures and resiliancy...

The closest support to this is the add-on product, NLBS, the
Network Load Balancing Software. I suspect that is not sold anymore
though :(


If the interfaces are not running at gigabit speeds, and if it
is not important for your purposes that the IP address that reaches
the server be the original IP address, then you can achieve source
routing by interposing NAT (Network Address Translation) devices
between the interfaces and the network. Have each NAT device
change the -source- IP of incoming packets into a distinctive range.
When the server replies, then the reply will automatically go back
to the proper NAT device to be NAT'd back to the original IP, simply
because the route to each distinctive range would be via the device
that did the translation.

I have done this kind of source IP translation with Cisco PIX 500
series firewalls. The appropriate model would depend upon the
expected throughput. The PIX 506E would in theory be enough for
somewhere between 50 and 100 megabits/s, but a 515E would be a better
choice if you are getting towards the top end of that range. (Or
possibly it'd be better to go with the newer Cisco ASA 5500 series.)

The reason I said "if the interfaces are not running at gigabit speeds"
is that firewalls that will actually handle a substantial fraction of
gigabit rates are still pretty expensive. If you have time to
experiment, you might be able to put together a BSD or Linux based
device; I seem to recall reading that "ipchains" can handle the
network address translation that would be needed.
Back to top
Miroslaw Kupczyk
*nix forums beginner


Joined: 02 Jan 2006
Posts: 1

PostPosted: Mon Jan 02, 2006 1:42 pm    Post subject: dual-homed Irix host Reply with quote
Hello,

We have dual-homed irix host with worldwide visible IPs. The host is just
'ordinary' one, not a firewall, not a router. From 'the world' it can be
reached via two IPs both - better for the traffic ballance. How to
configure network in order to have the answer from exactly the same
interface which was requested through ICMP. Default routing is set to one
of the interfaces and it produces discrepancies: source gets the response
from other destination when tested non-default interface. Any help ?

Regards
Miroslaw

* Miroslaw Kupczyk Supercomputing Department *
* Poznan Supercomputing and Networking Center *
* ul Z.Noskowskiego 10, 61-712 Poznan, POLAND *
* Phone (+48 61) 858 2052 *
* www.man.poznan.pl *
Back to top
Google
Back to top
Display posts from previous:   
Post new topic   Reply to topic Page 1 of 1 [2 Posts] View previous topic :: View next topic
The time now is Sat Nov 22, 2008 9:58 am | All times are GMT
navigation Forum index » *nix » SGI/IRIX » admin
Jump to:  

Similar Topics
Topic Author Forum Replies Last Post
No new posts Need help getting Sony DAT tape drive to work on Irix 6.5 trebor SGI/IRIX 1 Sun Apr 13, 2008 3:19 am
No new posts Dual Transports for the same domain SupaDucta Postfix 1 Fri Jan 19, 2007 8:51 am
No new posts How do I determine if a virtual hostname is actually on m... Brett shell 6 Thu Jul 20, 2006 6:58 pm
No new posts dual python / bootstrap RPM woes <zman818@hotmail.com&g python 0 Thu Jul 20, 2006 1:19 am
No new posts Mysql ver. 5.0.22-standard for sun-solaris2.10 (SPARC): E... Calselli, Fabrizio WI MySQL 1 Tue Jul 18, 2006 3:23 pm

Car Loans | Reptile Tank | Online Advertising | Refinance | Actress
Copyright © 2004-2005 DeniX Solutions SRL
 
Other DeniX Solutions sites: Unix/Linux blog |  electronics forum |  medicine forum |  science forum | 
Privacy Policy


Powered by phpBB © 2001, 2005 phpBB Group

[ Time: 0.4129s ][ Queries: 20 (0.3029s) ][ GZIP on - Debug on ]