Like we mentioned earlier we are in the middle of configuring a Fire 280R server for our needs. Yesterday we finally were able to patch some real Internet addresses on the NICs, as well as new local addresses, so now we finally are online^^
While configuring we figured that there are at least three potential needs to assign multiple IP addresses to a single interface.
1. To do a quick test where the configuration won’t have to survive a reboot
2. On an interface in a global zone
3. On an interface in a non-global zone
These are the solutions we used:
$ ifconfig abrX:Y plumb
while “abrX” is the abbreviation for an installed interface.
Now you can use the new interface abrX:Y as you want.
We needed it to have an an external(Internet) and an internal address. So we made an entry in /etc/hosts for the primary address in the old fashioned way(we do not yet use NWAM):
while we put the other addresses in /etc/hostname.abrX:
fire addif 18.104.22.168/24
where /24 implies: netmask ffffff00 broadcast 22.214.171.124
We wanted the interfaces to be visible from the global zone via a local address while being available from the Internet. Therefore we defined a local address as in 2 via /etc/hosts and /etc/hostname.abrX, but we also included the Internet address in the zone configuration:
$ zonecfg -z zone1 zonecfg:zone1> select net physical=abrX zonecfg:zone1:net> set address= 126.96.36.199/24 zonecfg:zone1:net> end zonecfg:zone1> commit zonecfg:zone1> exit
We will now take a look at IP instances, because using them we can achieve to only have the non-global zones visible in the Internet, while the global zone is only vulnerable in the local subnet.