I am really not at all qualified to advise upon your setup, sorry. Am assuming you have read http://wiki.hetzner.de/index.php/SmartOS
Regards, Usama On Sun, Sep 7, 2014 at 4:14 PM, RYAN M. vAN GINNEKEN via smartos-discuss < [email protected]> wrote: > On Sep 5, 2014 8:27 PM, "RYAN M. vAN GINNEKEN via smartos-discuss" < > [email protected]> wrote: > > > > > I have some networking questions directly below is a bit of a network > diagram not sure if it is completely accurate or even correct other infos > follow. > > > > INET >>>> ibg0 >> GZ >> admin_nic >> IPF/NAT >> gw0 >> switch0 >> GZ > >>>> zones and KVMs > > > > Anyways i would like to add an Internal nic or vnic to the GZ with IP > address 172.16.0.200 so that i can setup NFS, FIFO, etc using an internal > ip instead of the external one, is the internal NIC TAG listed below from > my /usbkey/config file going to work for me or is there a better more > correct way. Also can i use a virtual MAC address, or a real MAC address > from one of my unplugged NICS? or can i just ommit to MAC and let SmartOS > do some magic and create or not need one? > > > > Here is part of my /usbkey/config please see the internal_nic section > > > > admin_nic=0:25:90:e9:c:4 > > admin_ip=204.244.122.132 > > admin_netmask=255.255.255.224 > > admin_network=... > > admin_gateway=204.244.122.129 > > > > etherstub="switch0" > > > > #Internal nic connects GZ to internal network? > > internal_nic= ???????????? use real mac of one of my unplugged NICs or > use virtual MAC or can i skip MAC all together ????????? > > internal0_ip=172.16.0.200 > > internal0_netmask=255.255.255.0 > > internal0_gateway=172.16.0.1 > > > > Here is a bit more about the network, and i have to say thanks to lots > of folks on the IRC that have helped me get this far > > > > I have this in /opt/custom/bin/net-setup > > > > ## setup gw0 > > 4 if [ `dladm show-vnic | grep gw0 | wc -l` -ne 1 ]; then > > 5 /usr/sbin/dladm create-vnic -m 2:8:20:bc:d5:5f -l switch0 gw0 > > 6 /usr/sbin/ipadm create-addr -T static -a 172.16.0.1/24 gw0/v4 > > 7 fi > > 8 > > 9 ## setup ip forwarding > > 10 /usr/sbin/routeadm -u -e ipv4-forwarding > > 11 /usr/sbin/routeadm -u -e ipv6-forwarding > > 12 A bunch of IPF/NAT rules to make things happen > > > > Some more hopefully helpful infos > > > > dladm show-phys > > LINK MEDIA STATE SPEED DUPLEX DEVICE > > igb0 Ethernet up 1000 full igb0 > > igb1 Ethernet up 1000 full igb1 > > igb2 Ethernet down 0 half igb2 > > igb3 Ethernet down 0 half igb3 > > > > > > ifconfig -a > > lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu > 8232 > index > 1 > > inet 127.0.0.1 netmask ff000000 > > igb0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 1500 > index 2 > > inet 204.244.122.132 netmask ffffffe0 broadcast 204.244.122.159 > > ether 0:25:90:e9:c:4 > > dell0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu > 1500 > index > 3 > > inet 192.168.1.10 netmask ffffff00 broadcast 192.168.1.255 > > ether 2:8:20:d9:4e:6a > > gw0: flags=1100843<UP,BROADCAST,RUNNING,MULTICAST,ROUTER,IPv4> mtu 9000 > index 4 > > inet 172.16.0.1 netmask ffffff00 broadcast 172.16.0.255 > > ether 2:8:20:bc:d5:5f > > lo0: flags=2002000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv6,VIRTUAL> mtu > 8252 > index > 1 > > inet6 ::1/128 > > gw0: flags=20002100840<RUNNING,MULTICAST,ROUTER,IPv6> mtu 9000 index 4 > > inet6 ::/0 > > ether 2:8:20:bc:d5:5f > > > > netstat -rn -f inet > > > > Routing Table: IPv4 > > Destination Gateway Flags Ref Use > Interface > > -------------------- -------------------- ----- ----- ---------- > --------- > > default 204.244.122.129 UG 7 10846355 igb0 > > 127.0.0.1 127.0.0.1 UH 4 696826 lo0 > > 172.16.0.0 172.16.0.1 U 10 11739732 gw0 > > 192.168.1.0 192.168.1.10 U 2 0 dell0 > > 204.244.122.128 204.244.122.132 U 7 442026 igb0 > > > > Hello, > > I only wish to understand your network so unfortunately do not have any > advice. > > You have global zone directly connected to the internet? That is, your > admin IP is addressable from the internet. If I am correct may I ask why? > Or rather why not use SmartOS's built-in external_nic for external access > and firewall from there? > > Regards, > Usama > > > Yes i have GZ directly connected to the INET, i think/thought this was the > only option as i only have one NIC and one cable to the INET at the present > time also this machine is in a remote data center so i only have access > from the INET. > > Not sure how to setup using SmartOS's built-in external_nic or how to > firewall from there as you mentioned ... I would be very appreciative if > you could enlighten me to a better setup than this one. > > Thank you in advance. > > > > > Computer King CaN-Mail Surveillance > King > > http://computerking.ca http://canmail.org > http://surveillanceking.net > > > > Surveillance - Sales Service - Hosting Backup > > Internet Based Surveillance Systems > > Custom Service Pac kages > > Secure IMAP Email - Automated Remote Backups - Photo Blogs - Online ERP > and Accounting Packages > > > > smartos-discuss | Archives | Modify Your Subscription > > > *smartos-discuss* | Archives > <https://www.listbox.com/member/archive/184463/=now> > <https://www.listbox.com/member/archive/rss/184463/24697919-04ed9bf0> | > Modify > <https://www.listbox.com/member/?&;> > Your Subscription <http://www.listbox.com> > ------------------------------------------- smartos-discuss Archives: https://www.listbox.com/member/archive/184463/=now RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00 Modify Your Subscription: https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb Powered by Listbox: http://www.listbox.com
