On 8/22/05, Bastian Schern <[EMAIL PROTECTED]> wrote: > <snip> > > --- snip --- > # ifconfig rl1 > rl1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500 > options=8<VLAN_MTU> > inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255 > inet6 fe80::2e0:7dff:fe98:5c60%rl1 prefixlen 64 scopeid 0x2 > ether 00:e0:7d:98:5c:60 > media: Ethernet autoselect (100baseTX <full-duplex>) > status: active > --- snap --- > > It looks like the virtual IPs are not existing. If I try to ping e.g. > 192.168.3.1 I get "Destination Host Unreachable". >
>From the firewall itself? I don't think that'll work (due to loopback issues). If traffic passes in and out just fine, as intended, then you're set. > But if I try to setup the virtual IP manualy I get this: > > # ifconfig rl1 inet 192.168.3.1 netmask 255.255.255.0 alias That's not how virtual IP's work. There are no aliases, it's all proxy ARP'ed in some fashion and handled that way. When you bind IP's to the box like that, the services running on it also tend to want to bind to those IP's, and the whole thing becomes a big mess (not to mention potentially opening up more access to your firewall than you intend). -cmb --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
