On 12/24/14 2:06 , Sam M via smartos-discuss wrote: > Hello. > > Due to financial constraints at our place of work, we have a number of > commodity workstations running SmartOS. I've given the details of one GZ > below. I've also created an etherstub on all the workstations. > > The admin_gateway IP (172.77.66.66) is common across all GZ and points to a > non-existent machine/IP address. I would like to set up a VM on one of the > workstations with IP address 172.77.66.66 as the gateway and a firewall for > the admin network. > > 1. Is this possible?
Yes, this is possible. > 2. If so, how do I do this? I'd appreciate if someone could point me to the > appropriate resources or help me out. The first question to answer is do you want an actual router, eg. a device which exists on both networks and can route packets to the other location, or are you looking for an Internet NAT? Depending on which you want will change a bit of the instructions. However, you'll want to create a zone with two network interfaces, one on your admin network and one on the broader network to route to. That zone will need IP anti-spoofing disabled. Depending on which of the above options you'll want, you'll want to look at routeadm(1M) and read through enabling routing and IP forwarding. To do the actual firwalling, you can use ipf. You can either use ipf directly or look at fwadm which abstracts it a little bit. Robert ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
