Hi,
Apologies if this has come up before, I could not find much in the archives.
It seems that FW-1 limits the number of IP addresses per physical interface
to 8:
[LOG_CRIT] kernel: FW-1: Can only handle 8 ip addresses per interface
The nokia site confirms this to be the case, but offers no resolution. It
appears that the Nokia machines have their interfaces treated as residing on
one physical NIC (which kinda makes sense). This means that once a real IP
and a VRRP address has been assigned to the three interfaces, only two other
addresses can be assigned on any of the interfaces.
So my questions are:
1) Can the 8 IP limit be increased? If so, how?
2) What happens if the addresses are assigned anyway? Will they work
intermittently, or will the ones that were assigned last just not work at
all?
3) Does anyone find this absurdly low? What if I had 20 web servers with
private IPs to protect, each needing their own VRRP public address assigned
on the external interface?
4) Am I just missing some stupidly obvious solution here?
Regards
JP
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
