Solaris kernel zones and IP NAT using ipfilter

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Note: For an update on how to configure PF firewall – Please check Configuring NAT Using PF Firewall on Solaris 11/12

Assumptions

The network used in the zones is 192.195.40.0
create an etherstub with one local interface used as the gateway ip address
give each zone an ip address on a vnic on the same etherstub
set the default gateway to the global zone etherstub/vnic ip
Add to /etc/ipf/ipnat.conf

map localnet0 192.195.40.0/24 -> 0/32  portmap tcp/udp auto
map localnet0 192.195.40.0/24 -> 0/32

finally enable ipfilter with svcadm
reference
http://www.scalingbits.com/book/export/html/479

Leave a Reply

avatar
3000
  Subscribe  
Notify of