Awesome. Perfect. It does indeed help. Thank you very much.
On Monday, December 5, 2016 11:43 PM, Usama Ahmad <[email protected]> wrote:
Hello,
Below you will find my usbkey/config and pfsense config. Pretty self
explanatory I think. Hope it helps.
[root@Host ~]# cat /usbkey/config
#
# This file was auto-generated and must be source-able by bash.
#
admin_nic=00:30:48:c8:ef:bb
admin_ip=172.16.46.90
admin_netmask=255.255.255.0
admin_network=
admin_gateway=172.16.46.90
data_nic=00:30:48:c8:ef:bb
headnode_default_gateway=172.16.46.200
dns_resolvers=8.8.8.8,8.8.4.4
dns_domain=yonge.nrk-inc.com
ntp_hosts=0.smartos.pool.ntp.org
compute_node_ntp_hosts=172.16.46.90
hostname=Host
out0_nic=00:30:48:c8:ef:ba
wireless_nic=00:15:17:1d:0e:7a
etherstub="vswitch0,vswitch1,vswitch2,vswitch3,vswitch4,vswitch5,vswitch6,vswitch7"
root_authorized_keys_file=authorized_keys
{
"alias": "pfSense",
"hostname" : "pfsense",
"brand": "kvm",
"vcpus": 2,
"vnc_port": 12213,
"autoboot": true,
"ram": 3072,
"disks": [
{
"boot": true,
"model": "virtio",
"size": 40096
}
],
"nics": [
{
"nic_tag": "ext",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "admin",
"model": "virtio",
"ip": "172.16.46.200",
"netmask": "255.255.255.0",
"gateway": "172.16.46.200",
"primary": true,
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "vswitch0",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "vswitch1",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "vswitch2",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "vswitch3",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
},
{
"nic_tag": "wireless",
"model": "virtio",
"ip": "dhcp",
"allow_restricted_traffic": true,
"allow_ip_spoofing": true,
"allow_mac_spoofing": true,
"allow_dhcp_spoofing": true,
"allow_unfiltered_promisc": true
}
]
}
On Mon, Dec 5, 2016 at 6:34 PM, G B via smartos-discuss
<[email protected]> wrote:
I've wanted to put my firewall into a KVM or Zone for some time, then have my
smtp and httpd servers which are now in a DMZ to be in other Zones. I'd keep
my internal LAN on a physical switch. Would I need to create an etherstub and
have a vnic for the KVM or Zone firewall and other Zones connected to the
etherstub? For some reason I'm having a mental block of the best way to do
this.
Thanks.
| smartos-discuss | Archives | Modify Your Subscription | |
-------------------------------------------
smartos-discuss
Archives: https://www.listbox.com/member/archive/184463/=now
RSS Feed: https://www.listbox.com/member/archive/rss/184463/25769125-55cfbc00
Modify Your Subscription:
https://www.listbox.com/member/?member_id=25769125&id_secret=25769125-7688e9fb
Powered by Listbox: http://www.listbox.com
