2 Replies Latest reply on Jan 8, 2020 3:44 PM by Robert451

    Default Interface on a Multihomed Solaris 11 Server

    Robert451

      We have a zone that I didn't build with multiple interfaces on it. They are all on the same subnet. For example:

       

      net0/PrimaryZoneInterface  192.168.0.10

      net0/connection1 192.168.0.11

      net0/connection2 192.168.0.12

      net0/connection3 192.168.0.13

       

      And a few more - the names are changed to protect the guilty

       

      The intent is for the traffic to leave the server on net0/PrimaryZoneInterface  192.168.0.10

       

       

      We have firewall rules set for this as the remote host is in a DMZ. This is also a standard for this application here and we have other hosts that work fine.

      The problem is that all of the traffic is using another interface as the default. For this example, let's say all of the traffic is using net0/connection2 192.168.0.12

       

      From what I've found, the default is the first interface that is plumbed up. I can take an outage on this server and re-plumb all of the IPs - and it wouldn't take too long, but I would like to avoid that.

       

      Is there another way to configure an interface as the primary?

        • 1. Re: Default Interface on a Multihomed Solaris 11 Server
          NeilPutnam-Oracle

          Hi Robert,

           

          The way to force one particular IP address to be the source for outgoing connections (and UDP packets) is to mark the other addresses as deprecated.

           

          With something like:

           

               ipadm set-addrprop -p  deprecated=on  net0/connection2  

           

          Assuming net0/connection2 is the address object  name, as shown in the ADDROBJ column of "ipadm show-addr" command.   This is persistent across reboots - just set it once and it's done.

           

          Per the ipadm man page:

           

          deprecated

          The address should no longer used as a source address in new communications, but packets addressed to this address are processed as expected. Possible values are on or off. Default is off. This property is not supported on an address object of type dhcp.

          The deprecated addresses will not be chosen for outgoing connections, but will operate normally otherwise - incoming traffic can target those addresses without a problem.

           

          Regards,

          - Neil

          1 person found this helpful
          • 2. Re: Default Interface on a Multihomed Solaris 11 Server
            Robert451

            This worked perfectly. I knew there had to be a way to accomplish this.

            Thanks a bunch! From both me and our SAP guy who can now do his install!