Solaris- adding a route for a specific port on a multi-port NIC

I have a SPAC box running Solaris 2.6 as a firewall/router that has a 4 port NIC card.  I want to add a route to it to route packets through a software router.  The SPAC is ethernet and the software router bridges our tokenring and ethernet network together.  My question is what is the parameter in the route add command to set the route to a specific port on the ethernet card?? I know that it should be something like: route add net xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx .

Thanks for the help.
LVL 1
aceaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

jlevieCommented:
I'm leaving this as a comment since I'm not sure I completely understand how the pieces are put together.

You select the port on the quad ethernet by assigning that port an IP address and then routing to the IP. For instance, if it were a quad fastethernet card installed on an Ultra, the relevant interfaces would probably be; hme0 for the on-board, qfe0-3 for quad-fastether. You assign an IP to the first port by creating the file /etc/hostname.qfe0, containing either a hostname from the local /etc/hosts file or containing the IP to be assigned to the interface. This will cause the card to be set up each time the system boots.

Now if I were to have a system whose primary interface (hme0) has 192.168.0.1 and I've assigned 192.168.100.1 to qfe0, I won't need any extra routing statement to reach hosts on the 192.168.100.0 network asthere is an implicit route created for any locally connected networks. Also, the default in Solaris 2.6 is for the system to automatically route between any networks directly connect to it. If you don't want this you have to disable it (touch /etc/notrouter).

If I need to tell the system to route traffic to a non-local destination (through your software router) and the IP of the router is 192.168.100.2 and the destination net is 192.168.200.0, I'd use a route statement like:

route add net 192.168.200.0 192.168.100.2

I'd add this line to /etc/init.d/inetinit to get the route added at boot time. More complex routes can be created as needed, see the man pages for route.
0
aceaAuthor Commented:
Here it is again...  the firewall is on our ethernet side of the network it's address is say 192.168.2.1 (this is the port that is connected to the hub that the software router (192.168.2.2).  There are other computers attached to the hub and they are communicating through the firewall fine.  I need to add a route to the Solaris (firewall) box so that our tokenring side of the network can communicate to and through the firewall.  The addresses on the tokenring side are 192.169.x.x.  The port number of the connection to the firewall is qfe2.  Does this clear things up a bit??
0
jlevieCommented:
Yes, I think I've got it, but let me re-cap to be sure.

The Solaris box is the firewall and it's qfe2 port's IP is (per your comment) 192.168.2.1. The "software router" is at 192.168.2.2, and behind it is the token ring network 192.169.0.0 (a class B they way you wrote it). If I got that right, the route statement would be:

route add 192.169.0.0 -netmask 255.255.0.0192.168.2.2

If I was wrong about the token ring net being a class B, you would use:

route add 192.169.x.y -netmask 255.255.255.0 192.168.2.2

or

route add -net 192.169.x.y 192.168.2.2

This would take care of routing as far as the Solaris box i concerned. You'd still need to tell the "software router" about the Solaris box being the default gateway and the token ring clients would have to know that the "software router" is their default gateway.

One other consideration arises if the "inside networks" aren't being "NAT'd" to the outside. You then have to tell the gateway router how to get back to the token ring network (by routing that traffic to the Solaris box).
0
Amazon Web Services

Are you thinking about creating an Amazon Web Services account for your business? Not sure where to start? In this course you’ll get an overview of the history of AWS and take a tour of their user interface.

aceaAuthor Commented:
Yup, you have it.  I've attempted to use the "route add 192.169 -netmask 255.255.0.0 192.168.2.2" and it gets added to the route list when I do a netstat-r command.  However, when I try to ping the tokenring card in the software router it comes back that the IP addess isn't answering.  I think I have to specify the port on the firewall but am not sure how.  I can communicate between other machines across the SW router without a problem.

And I do have the NAT running on the firewall.  Thanks for the head's up on it.
0
jlevieCommented:
Okay, 192.168.2.2 is the IP ethernet address of the "software router" and you can ping that, but can't ping 192.169.0.1 (for example) that's on the Token Ring side.

Netstat -rn tells you which interface it intends to use for any given route under the Interface column. And it picks the interface to use based on the IP of the gateway and which interface has a network configured that would contain that IP.

One check would be to run snoop on the interface that has the 192.168.2.0 network on it and then try a ping. If you see the packet go out, but never come back, you need to go figure out why the "software router" isn't returning data. If you don't see the packet going out, then we've got a routing problem on the Solaris box. The output of "ifconfig -a" and "netstat -rn" would be very helpful.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
aceaAuthor Commented:
Yup, you have it.  I've attempted to use the "route add 192.169 -netmask 255.255.0.0 192.168.2.2" and it gets added to the route list when I do a netstat-r command.  However, when I try to ping the tokenring card in the software router it comes back that the IP addess isn't answering.  I think I have to specify the port on the firewall but am not sure how.  I can communicate between other machines across the SW router without a problem.

And I do have the NAT running on the firewall.  Thanks for the head's up on it.
0
aceaAuthor Commented:
I've have it working.  I'm able to ping beyond the SW routers tokenring interface and I can ping the Solaris machine from my workstation.  But I can't ping the tokenring interface in the router?  It comes back that there isn't any answer.  I can ping the both NICs in the router any machine from either side of the router.

Thanks a bunch.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Unix OS

From novice to tech pro — start learning today.