
...

Access to the Internet for private VPC subnets is possible via a gateway instance that provides VPN access to the customer network and allows (NATted) Internet access via this path. Alternatively, a NAT gateway in the cloud can be used to map the private addresses to public addresses. The NAT gateway can be implemented on a Charon host system or it can be provided by AWS for a charge.
Please note that the Charon host always needs either direct Internet access or Internet access via NAT from a NAT gateway in the AWS cloud to access the license server.

Direct Solaris guest access to the Internet:

This is not a recommended standard solution for security reasons. However, should it be required, two interfaces with public IP addresses can be assigned to the Charon host.
One of these interfaces is then dedicated to the guest system, which uses the private interface address and the MAC address assigned to the Charon host by AWS (similar to point 2 in section Host to Guest Communication Considerations above; see also Dedicated NIC for Guest System).



Using a Charon host system as a Router

...

  1. Create a configuration file (/etc/sysconfig/network-scripts/ifcfg-<interface-name>) for the second interface (if there is no configuration file for the primary interface, create it as well).
  2. Set the correct interface for the default route in /etc/sysconfig/network (example: GATEWAYDEV=eth0).
  3. To prevent cloud-init from resetting your custom network configuration, add the following lines to the /etc/cloud/cloud.cfg file:
    network:
      config: disabled
  4. Restart the network.
  5. Create an additional routing table (use the command: ip route add <path> dev <interface-name> table <table-id>). There must be an entry for every IP address assigned to the second interface and any other route to be used.
  6. Set rules in the Routing Policy Database (use the command: ip rule add from <ip-address-of-second-interface> lookup <table-id>).
  7. Create a static route file (/etc/sysconfig/network-scripts/route-<interface-name>).
  8. Create a static rule file (/etc/sysconfig/network-scripts/rule-<interface-name>).
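
Steps 5 to 8 use the same policy-routing entries on the command line and in the persistent files. The following added example (not part of the original documentation) generates the lines for route-<interface-name> and rule-<interface-name>; the interface eth1, the table id 1001 and the 10.0.1.x addresses are assumed sample values.

```shell
#!/bin/sh
# Added example. Interface name, table id and all addresses are constructed
# sample values. Each generated line is the argument list that the
# network-scripts hand to "ip route add" / "ip rule add".

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0..255
is_ipv4() {
    case "$1" in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots (function-local arguments)
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# gen_routes IFACE TABLE SUBNET_CIDR GATEWAY: body of route-<IFACE> (steps 5, 7)
gen_routes() {
    is_ipv4 "${3%/*}" && is_ipv4 "$4" || return 1
    printf '%s dev %s table %s\n' "$3" "$1" "$2"
    printf 'default via %s dev %s table %s\n' "$4" "$1" "$2"
}

# gen_rules TABLE ADDR...: body of rule-<IFACE> (steps 6, 8), one rule per
# address on the second interface; nothing is printed if any address is bad
gen_rules() {
    table=$1; shift
    for addr in "$@"; do
        is_ipv4 "$addr" || { echo "invalid address: $addr" >&2; return 1; }
    done
    for addr in "$@"; do
        printf 'from %s lookup %s\n' "$addr" "$table"
    done
}

# Sample run: eth1 holds two private addresses in 10.0.1.0/24, gateway 10.0.1.1
echo "# route-eth1"; gen_routes eth1 1001 10.0.1.0/24 10.0.1.1
echo "# rule-eth1";  gen_rules 1001 10.0.1.25 10.0.1.26
```

After restarting the network, compare the output of ip rule show and ip route show table <table-id> with the generated lines to confirm that every address on the second interface has its own rule.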

...