HPUX allows you to turn on the strong end-system model in ndd (HPUX 10.3 or later) which is what you need if you insist on having a second default gateway dedicated to lan1. Unfortunately they did not bother to document it anywhere that I can find. The behavior of the Strong End-System Model is discussed in RFC 1122.
http://deesse.univ-lemans.fr:8003/Connected/RFC/1122/62.htmlndd -h ip_strong_es_model says:
Controls support for "Strong End-System Model" described in
RFC1122, Section 3.3.4.2. When enabled, packet source addresses
(and therefore interfaces on a multihomed host) affect selection
of a gateway for outbound packets. Set to 0 to disable; set to 1
to enable. [0,1] Default: 0 (disable)
In order to turn SESM on you have to:
ndd -set /dev/ip ip_strong_es_model 1
or better edit /etc/rc.config.d/nddconf
to add:
TRANSPORT_NAME[0]=ip
NDD_NAME[0]=ip_strong_es_model
NDD_VALUE[0]=1
so it will stay after a reboot.
If HPUX supports the RFC 1122 then it must allow you to assign two default gateways tho again how you do it is not really well defined. I suppose it would simply be the same in /etc/rc.config.d/netconf as defining one default so it would look something like this:
ROUTE_DESTINATION[0]="default"
ROUTE_MASK[0]=""
ROUTE_GATEWAY[0]="192.168.2.1"
ROUTE_COUNT[0]="1"
ROUTE_ARGS[0]=""
ROUTE_DESTINATION[1]="default"
ROUTE_MASK[1]=""
ROUTE_GATEWAY[1]="172.155.23.1"
ROUTE_COUNT[0]="1"
ROUTE_ARGS[0]=""
and the Strong ES Model would figure out which one went with which interface based on the IP addresses.
If you do
ndd -set /dev/ip ip_strong_es_model 1
first then you can probably get it to reread the netconf file with:
ined -c
otherwise you would have to reboot.
You can check whether it is working by doing a traceroute to this system from a device on the other side of the Lan1 router. If the traceroute reports the final address as 172.155.23.2 then it worked if not it will show 192.168.2.10.
Ron
