SUMMARY - yet to be tested - Use Virtual interface ( eri0:1 ) ip as source address - spoofing ?

From: Laurence Moughan <>
Date: Fri Jun 17 2005 - 04:43:02 EDT
Hi All and thanks for feedback.

I should have explained alos that i both receive inbound ftp and sftp
connections as well as origionate outbound ftp and sftp from this box.

However I am going to try and use the deprciated option in the ifconfig
portion of the cluster setup ( when the virtual interfce gets plumbed -
i will need to depreciate the real interface) 

Thansk to David and Aaron for the pointer and to others with
suggestions and advice.

I shall post another SUMMARY when i have tested.




Hi All,

I have an ftp server ftp1 on say behind a firewall being
natted to say

interface eri0

i want to cluster the ftp server with a partner ( using opensource
software heartbeat ) this provides a virtual ip on the cative node,

so we will then have machines

ftp1 real ip address interface eri0
ftp2 real address interface er10

a virtual ip floating between the machines on a virtual eri interface
on one at ip eri0:1( up on the active node )

Now this is obviously going to break my firewall rules as the source of
outgoing packets wil now be the ftp servers real address or 


is there a way to foce all outbound packets to go from the virtual
interface ( eri0:1 ) address ?



..For low fares and great deals on hotels, car hire and travel insurance visit
of any action in reliance upon, this information by persons or entities
other than the intended recipient is prohibited.If you have received
this email in error please notify the sender immediately and delete
the material. 
sunmanagers mailing list
Received on Fri Jun 17 04:44:14 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:48 EST