- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- FTP via package IP
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-22-2014 10:57 PM - last edited on 12-23-2014 06:04 PM by Maiko-I
12-22-2014 10:57 PM - last edited on 12-23-2014 06:04 PM by Maiko-I
Hi guys,
We are using 11iv3 servers , SG 11.20 , when we ftp some file from our server to target its going via physical IP , Our network guy saying can you change it such that the traffic must go via package IP ?
Is it possible in HPUX ?
If yes then how can we achieve it ?
P.S. This thread has been moved from Networking to HP-UX > Serviceguard. - Hp Forum Moderator
Solved! Go to Solution.
- Tags:
- ftp
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-23-2014 07:32 AM
12-23-2014 07:32 AM
Re: FTP via package IP
For Service Guard nodes, there is a local IP address that is reserved for maintenance only. The package IP is tied to the package and remains unchanged regardless of which node in the cluster is running the package. Always use the package IP address for package data. The node IP addresses should be used only for cluster changes, never for package data.
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2014 03:28 AM
12-24-2014 03:28 AM
Re: FTP via package IP
Hi Bill,
I got solution for this reqmnt in one of forum , but its not working for us.
You are initiating a FTP session from a cluster node running the package. You want the target to think the FTP session is coming from the "package" IP instead of the permenant IP on the node. Correct?
What we did to work around this was to add a route specific to the target system.
/usr/sbin/route add host target-ip gateway-ip
The target is the system you want to connect to, the gateway would be your package IP. This made it appear to the target system that the connection came from the package IP and not the permenant IP.
Our ftp to destination server gets completely blocked.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-24-2014 08:34 AM - edited 12-24-2014 08:37 AM
12-24-2014 08:34 AM - edited 12-24-2014 08:37 AM
SolutionOK. The FTP session must be initiated by the package. This is a case where the program (FTP) needs to call bind() in order to associate the source as a specific IP address, but standard ftp doesn't have this option. This has been discussed a lot but I haven't seen an official HP Service Guard solution yet. The best discussion is in the gray paper by Olivier S. Massé a few years ago:
Understanding HP-UX Routing gray paper
However, the best solution would be to use scp/sftp as it has the BindAddress option. scp/sftp also encrypts the data which is an important security feature, one that ftp does not have:
sftp -o BindAddress=12.34.56 user_name@target_IP
Bill Hassell, sysadmin