HP-UX Containers (SRP) A.03.01 Administrator's Guide

12 Networking with containers
All container types require an IP address to allow network interaction with remote systems. All
network activity between a container and other network endpoints will use the IP address dedicated to
the container. Once you have assigned an IP address to a container, the IP address can only be used
while the container is started. When the container is stopped, the IP address is unavailable.
When you run applications and services in a container that perform network interface and endpoint
queries, the container reports only interfaces and endpoints that are associated with the container.
For example, running netstat -i or netstat -r generates output that is context relevant for the
container in which you run the command.
You can use the srp command to perform basic network administration of a container, such as
assigning an IP address to a container and unconfiguring a container’s IP address when the
container is deleted. The srp command automatically configures the IP address up and down when
the container is started and stopped.
For each container, when you assign an IP address, you can also configure a default route entry. The
srp command activates the container route entries along with the IP address whenever the container
is started, and removes the route entries when the container is stopped. You can manually configure
additional route entries for the container.
An additional routing feature available to HP-UX Containers is the ability to designate routes between
containers on the system server as Force-to-Wire routes. Force-to-Wire route entries cause all network
traffic passing between two different IP addresses on the same server to be forced down through the
physical network layer. The packets then go onto the network, where they traverse any
firewalls and routers before being delivered back to the server through the interface where the target
container IP address is assigned. You can use this feature to ensure that remotely implemented
firewall policy and network auditing are applied to all container network traffic.
Network administration is only supported from the global view.
12.1 Configuring the first network interface
When you run the srp add command to create a container, you must specify an IP address for the
container. You will be prompted to enter the necessary information. The parameters that you must
specify to configure the primary network interface for a container include:
ip_address
An IPv4 or IPv6 formatted address
ip_mask
(IPv4 only) A mask of the form 255.255.255.0
iface
Physical interface name of the form lan0 or lan0:2
gw_ip_address
Gateway IP address for the default route entry
The IP address that you specify must not already be configured in the
/etc/rc.config.d/netconf[-ipv6] file, or the srp command will prompt you to correct your
entry. The ip_mask parameter only supports IPv4 addresses.
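A pre-flight check for the IPv4 parameters above, as an added example that is not part of this guide or of the srp command: it validates ip_address, ip_mask and iface, then looks for the address in a netconf file. The function names and the sample file are constructed for illustration, and the script assumes netconf stores addresses as IP_ADDRESS[n]="..." lines.

```shell
#!/bin/sh
# Added example (not HP code): checks to run before "srp add" for an IPv4 container.
# Assumption: netconf holds addresses as IP_ADDRESS[n]="a.b.c.d" lines.
valid_iface() {                       # lan0 or lan0:2
    printf '%s\n' "$1" | grep -Eq '^lan[0-9]+(:[0-9]+)?$'
}
valid_ipv4() {                        # four octets, each 0..255
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}$' || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    for o in "$@"; do [ "$o" -le 255 ] || return 1; done
}
valid_mask() {                        # ones must be contiguous, e.g. 255.255.255.0
    valid_ipv4 "$1" || return 1
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    tail_zero=0
    for o in "$@"; do
        if [ "$tail_zero" -eq 1 ]; then
            [ "$o" -eq 0 ] || return 1    # nothing may follow a partial octet
        else
            case $o in
                255) ;;
                0|128|192|224|240|248|252|254) tail_zero=1 ;;
                *) return 1 ;;
            esac
        fi
    done
}
addr_in_netconf() {                   # $1 = address, $2 = netconf path; exact match only
    grep -E '^[[:space:]]*IP_ADDRESS\[[0-9]+\]=' "$2" |
        sed -e 's/^[^=]*=//' -e 's/"//g' -e 's/[[:space:]]*#.*$//' |
        grep -Fxq -- "$1"
}
preflight() {                         # $1 ip_address  $2 ip_mask  $3 iface  $4 netconf path
    valid_ipv4 "$1"  || { echo "bad ip_address"; return 1; }
    valid_mask "$2"  || { echo "bad ip_mask"; return 1; }
    valid_iface "$3" || { echo "bad iface"; return 1; }
    if addr_in_netconf "$1" "$4"; then echo "ip_address already in netconf"; return 1; fi
    echo ok
}
# Constructed sample netconf content (not taken from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
INTERFACE_NAME[0]="lan0"
IP_ADDRESS[0]="192.0.2.10"
SUBNET_MASK[0]="255.255.255.0"
EOF
preflight 192.0.2.10 255.255.255.0 lan0:1 "$sample" || true   # address already configured
preflight 192.0.2.20 255.255.255.0 lan0:1 "$sample"           # passes all checks
```

On a real system the fourth argument would be /etc/rc.config.d/netconf, read from the global view.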
If an IPv6 address is specified, a default prefix length (64) will be used when the interface is
configured. You can manually edit the /etc/rc.config.d/netconf-ipv6 file entry to include
the nonstandard IPV6_PREFIXLEN as needed once the entry is created.