Friday, June 12, 2009

How do you test firewall rules for a virtual IP address?

The problem was that I was trying to test from the OS access to a defined port on a remote host. Using telnet and snoop I could confirm that the firewall rules were all set up correctly and any access problems must be an application issue.

The ifconfig output looked like;
bge1: flags=201000843 mtu 1500 index 3
inet 10.106.53.88 netmask fffffff0 broadcast 10.106.53.95
bge1:1: flags=201000843 mtu 1500 index 3
inet 10.106.53.93 netmask fffffff0 broadcast 10.106.53.95


Tricky one this as everytime I tried a telnet it set it's source address to the underlying IP address (in this case 10.106.53.88) but I wanted to test access from 10.106.53.93.

Checking the routing table showed that the first entry for the local subnet (ie the one with the default gateway) was through the underlying interface (10.106.53.88). So, how to reverse this?
The answer was to set the base interface (in this case bge1) to deprecated and then the routing table entries swapped over and the source address was set to the floating IP.

Once all was confirmed working, just reverse the deprecated settings and then unset completely to return everything to its former state.

Syntax reminder;
Deprecated on;
ifconfig bge1 10.106.53.88 netmask 0xfffffff0 broadcast 10.106.53.95 deprecated up
Deprecated off;
ifconfig bge1 10.106.53.88 netmask 0xfffffff0 broadcast 10.106.53.95 -deprecated up


PS - Don't forget to cross your fingers and hope it doesn't screw up any running applications on the box :-)
Posted by Blue Atom at Friday, June 12, 2009 0 comments
Labels:

Monday, June 8, 2009

SMART disk monitoring

I've just downloaded smartctl from Blastwave and it works against my SATA disks;

# /opt/csw/sbin/smartctl -d scsi -a /dev/rdsk/c9t2d0s0
smartctl version 5.38 [i386-pc-solaris2.8] Copyright (C) 2002-8 Bruce Allen
Home page is http://smartmontools.sourceforge.net/

Serial number: 9QM4SAL7
Device type: disk
Local Time is: Mon Jun 8 10:32:07 2009 BST
Device supports SMART and is Enabled
Temperature Warning Disabled or Not Supported
SMART Health Status: OK

Current Drive Temperature: 45 C

Error Counter logging not supported
No self-tests have been logged


Doesn't seem to work for the IDE root yet but after a spate of SATA disk failures I'm not too concerned about that.
Posted by Blue Atom at Monday, June 08, 2009 0 comments
Labels:
Subscribe to: Comments (Atom)