Manualshelf

HP-UX IPFilter V17.05 Administrator Guide HP-UX 11i v2 and HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
41424344454647484950
7 Address pooling
NOTE: Address pooling is available only on HP-UX 11i v3.
7.1 The ippool utility
Address pools establish a single reference that is used to name a group of address/netmask pairs.
Address pools:
Facilitate management of large groups of addresses
Reduce time to match IP addresses with rules
Improve performance
The ippool utility manages information stored in the IP pools subsystem of IPFilter. Configuration
file information can be parsed and loaded into the kernel. Configured pools can be removed,
changed, or inspected. For more information, see the ippool(1M) and ippool(4) manpages.
7.2 The ippool.conf file
The IP pool configuration file defines a single object that contains a reference to multiple IP
address/netmask pairs. A pool can consist of a mixture of netmask sizes from 0 to 32.
NOTE: Only IPv4 addressing is supported.
The IP pool configuration file provides the following mechanisms to efficiently match IP addresses
with rules:
The table command defines a lookup table that provides a single filter rule reference to
multiple targets.
The following storage formats are provided:
The hash table format is used with objects that contain the same netmask or a few different
sized netmasks of non-overlapping address space.
The tree structure supports exceptions to a covering mask. Searching is also supported.
IMPORTANT: Pools defined in the configuration file must have an associated role. The only
supported role is ipf.
For more information and examples, see the ippool(4) manpage.
7.3 Configuring address pool
7.3.1 Syntax
table role = <role name> type = <storage format> name = <pool name>
{Address list separated by semicolon}
Where
table Defines the reference for the multiple addresses.
role Specifies the role of the pool IN. The only role for reference is ipf.
type Specifies the storage format for the pool. There are two supported storage
formats; tree (pool) and hash table.
number/name Specifies the reference number/name that is used by the filtering rule.
48 Address pooling