Network-ers (origanlly posted to Crossbow discussion, as assumed this was a Crossbow matter):
Other than a bit of testing back when Crossbow was only a glint in its developers' eyes, we're relatively new to Crossbow, and were trying to implement our first real environment. In brief: Want to send all WAN traffic to one interface in a given (global? non-global?) zone, effectively making it the DMZ. From there, wish to implement port forwarding to specific vnics, each on its own non-global zone, on Box 'A'. In addition, we'd like to forward specific ports (80? 443?) to IP addresses external to the openSolaris box; Boxes 'B', 'C', etc. Originally thought this to be a job for Crossbow's etherstub/vnic architecture, and that Crossbow's 'flows' would handle the port forwarding. Have since been directed to look at IPFilter and l2filter Project. Resource management may eventually be part of this, but is low priority at the moment. (Project l2filter: Layer 2 Filtering) Also understand that Crossbow now plays nice with nwam; is this true - in case I use Crossbow - or should we move to svc physical:default for better future-proofing? Have started the research with this very helpful post from Nicolas Droux: http://blogs.sun.com/droux/entry/private_virtual_networks_for_solaris and will continue from there. Does anyone know of a specific recipe? Many thanks. Lou -- This message posted from opensolaris.org _______________________________________________ networking-discuss mailing list [email protected]
