HPE Community
Operating System - HP-UX
1825719 Members
2835 Online
109686 Solutions
New Discussion

Re: Isolating network traffic

 
SOLVED
Go to solution
Marco Castillo
Occasional Contributor

‎12-22-2006 06:06 AM

‎12-22-2006 06:06 AM

Isolating network traffic

I have 2 ethernet cards in the same subnet (no APA). Does anyone have any idea how can I isolate the network traffic of a single application through one of the cards and use the other one for the rest?.
you'll never have enough IT experience
0 Kudos
5 REPLIES 5
Michael Steele_2
Honored Contributor

‎12-22-2006 06:35 AM

‎12-22-2006 06:35 AM

Solution

Re: Isolating network traffic

Dear Marco:

Why can you have different net ids for each lan card? This will force the router to separate the hostname by using two netids. When you use two ips within one subnet the router is always going to take the first entry.

This is done with ServiceGuard packages and backup applications all the time.

http://docs.hp.com/en/B9903-90050/apbs03.html
Support Fatherhood - Stop Family Law
0 Kudos
Marco Castillo
Occasional Contributor

‎12-22-2006 06:53 AM

‎12-22-2006 06:53 AM

Re: Isolating network traffic

Hey Michael, thanks.. that's exactly what I have in mind, to use one netid for a backup application and leave the other free.. is there any cookbook on how to do this?.. thanks again.
you'll never have enough IT experience
0 Kudos
Bill Hassell
Honored Contributor

‎12-22-2006 01:03 PM

‎12-22-2006 01:03 PM

Re: Isolating network traffic

You just add the second network card to the subnet by giving it a different IP address. Then update your DNS server with a different hostname (ie, cpua is the original, cpub is the name of the second LAN card.

Now because we don't know anything about the application, I'll assume that users login and run it. So now you instruct users to login to cpub and run the application. The recommendations for webservers or databases or middleware require a lot more thought.


Bill Hassell, sysadmin
0 Kudos
Jim Keeble
Trusted Contributor

‎12-22-2006 10:52 PM

‎12-22-2006 10:52 PM

Re: Isolating network traffic

There is an ndd parameter called ip_strong_es_model that I think addresses your goals.

# ndd -h |grep strong
ip_strong_es_model - Controls multihoming
# ndd -h ip_strong_es_model

ip_strong_es_model:

Controls the requirement issues related to multihoming as
described in RFC1122, Section 3.3.4.2:

(A) A host MAY silently discard an incoming datagram whose
destination address does not correspond to the physical
interface through which it is received.

(B) A host MAY restrict itself to sending (non-source-
routed) IP datagrams only through the physical
interface that corresponds to the IP source address of
the datagrams.

When set to 0, it corresonds to the "Weak ES Model" and would therefore substitute MUST NOT for MAY in issues (A) and (B).

When set to 1, it corresonds to the "Strong ES Model" and would therefore substitute MUST for MAY in issues (A) and (B).

When set to 2, substitute MUST NOT for MAY in issue (A) and SHOULD for MAY in issue (B).

[0,2] Default: 0

#
0 Kudos
Marco Castillo
Occasional Contributor

‎12-28-2006 05:41 PM

‎12-28-2006 05:41 PM

Re: Isolating network traffic

Thank you very much for your comments. Problem solved.
you'll never have enough IT experience
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.