Manualshelf

HP-UX IPFilter Version 17 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX IPFilter Software
71727374757677787980
7 Address Pooling
This chapter describes address pooling. It contains the following sections:
“The ippool Utility” (page 73)
“The ippool.conf File” (page 73)
NOTE: This is available only on HP-UX 11i v3.
7.1 The ippool Utility
Address pools establish a single reference that is used to name a group of address/netmask pairs.
Address pools:
Facilitate management of large groups of addresses
Reduce time to match IP addresses with rules
Improve performance
The ippool utility manages information stored in the IP pools subsystem of IPFilter.
Configuration file information can be parsed and loaded into the kernel. Configured pools can
be removed, changed, or inspected. For more information, see the ippool(1M) and ippool(4)
manpages.
7.2 The ippool.conf File
The IP pool configuration file defines a single object that contains a reference to multiple IP
address/netmask pairs. A pool can consist of a mixture of netmask sizes from 0 to 32.
NOTE: Only IPv4 addressing is supported.
The IP pool configuration file provides the following mechanisms to efficiently match IP addresses
with rules:
The table command defines a lookup table that provides a single filter rule reference to
multiple targets.
The following storage formats are provided:
The hash table format is used with objects that contain the same netmask or a few different
sized netmasks of non-overlapping address space.
The tree structure supports exceptions to a covering mask. Searching is also supported.
IMPORTANT: Pools defined in the configuration file must have an associated role. The only
supported role is ipf.
For more information and examples, see the ippool(4) manpage.
7.3 Configuring Address Pool
7.3.1 Syntax
table role = <role name> type = <storage format> name = <pool name>
{Address list separated by semicolon}
Where
table Defines the reference for the multiple addresses.
role
Specifies the role of the pool IN. The only role for reference is ipf.
type Specifies the storage format for the pool. There are two supported storage
formats; tree (pool) and hash table.
7.1 The ippool Utility 73