[OpenIndiana-discuss] Creating a network with zones

[Jim Klimov]

14 ноября 2014 г. 12:00:35 CET, Jonathan Adams <t12nslookup at gmail.com> пишет:
>On 13 November 2014 23:06, Joris FAGBEMIRO <fagbjoris at gmail.com> wrote:
>
>> Hi Jon.
>> I'm planning to work (deployment of a datacenter) on a server which
>have 3
>> physical NIC.
>> Within this server,there will be a lot of servers (zones) distributed
>among
>> four networks. Each network have his set of servers and a firewall
>which is
>> the gate.
>> Now to enable communications between these networks, i have to create
>a
>> zone which will be the router. This router must be connected to each
>> firewall.
>> So i want to know that, if it is possible to connect a VNIC of each
>> firewall to a VNIC of tge router?or should i create an etherstub?
>> Hope that it's more comprehensible!!
>>
>
>Yeah, I would create 4 etherstubs for these 4 networks and then have
>vnics
>running from these etherstubs, then your "router" zone could link these
>etherstubs to your external sites with ipf firewalls on it to protect
>one
>etherstub from any other.
>
>Jon
>_______________________________________________
>openindiana-discuss mailing list
>openindiana-discuss at openindiana.org
>http://openindiana.org/mailman/listinfo/openindiana-discuss

Note that if "Each network have his set of servers and a firewall which is the gate" then you actually have more stubs and subnets: one for each 4 networks themselves (hosts behind their gate-firewall), 1 to 4 connecting the gates with a common default-router (maybe with or without firewall itself, probably with NAT for internet link though), and maybe 1 or more external link from this router to the world.
--
Typos courtesy of K-9 Mail on my Samsung Android