Open Frames Download Complete PDF Send Feedback Print This Page

Previous

Next

Host Addresses

You should add host addresses for systems that will communicate frequently with the system. You can:

  • View the entries in the hosts table.
  • Add an entry to the list of hosts.
  • Modify the IP address of a host.
  • Delete a host entry.
Related Topics

Configuring Hosts- WebUI

Configuring Hosts - CLI (host)

Configuring Hosts- WebUI

To add a static host entry

  1. Go to the Interface Management > Hosts and DNS page.
  2. In the Hosts section, click Add.
  3. Enter the
    • Host Name. Must include only alphanumeric characters, dashes ('-'), and periods ('.'). Periods must be followed by a letter or a digit. The name may not end in a dash or a period. There is no default value.
    • IPv4 address
    • IPv6 address

To edit a static host entry

  1. Go to the Interface Management > Hosts and DNS page.
  2. In the Hosts section, select a host and click Edit.
  3. Edit the
    • Host Name
    • IPv4 address
    • IPv6 address

To delete a static host entry

  1. Go to the Interface Management > Hosts and DNS page.
  2. In the Hosts section, select a host and click Delete.

Configuring Hosts - CLI (host)

Description

Add, edit, delete and show the name and addresses for hosts that will communicate frequently with the system

Syntax

To add a host name and address:

add host name VALUE ipv4-address VALUE
add host name VALUE ipv6-address VALUE

To edit the name and IPv4 or IPv6 address of a host:

set host name VALUE ipv4-address VALUE
set host name VALUE ipv6-address VALUE

To delete a host name and address:

delete host name VALUE ipv4
delete host name VALUE ipv6

To show an IPv4 or IPv6 host address:

show host name VALUE ipv4
show host name VALUE ipv6

To show all IPv4 or IPv6 hosts:

show host names ipv4
show host names ipv6
 

Parameters

Parameter

Description

 
name VALUE

The name of a static host. Must include only alphanumeric characters, dashes ('-'), and periods ('.'). Periods must be followed by a letter or a digit. The name may not end in a dash or a period. There is no default value.

 
ipv4-address VALUE

The IPv4 address of the host

 
ipv6-address VALUE

The IPv6 address of the host

 

Domain Name Service (DNS)

Gaia uses the Domain Name Service (DNS) to translate host names into IP addresses. To enable DNS lookups, you must specify the primary DNS server for your system. You can also specify secondary and tertiary DNS servers. When resolving host names, the system consults the primary name server. If a failure or time-out occurs, the system consults the secondary name server, and if necessary, the tertiary.

You can also define a DNS Suffix, which is a search for host-name lookup.

Configuring DNS - WebUI

To configure the DNS Server for the Gaia computer:

  1. In the WebUI, go to the Interface Management > Hosts and DNS page.
  2. In the System Name section, enter the Domain Name. For example, example.com.
  3. In the DNS Section, enter the:
    1. DNS Suffix. The name that is put at the end of all DNS searches if they fail. By default, it should be the local domain name.

      A valid domain name suffix is made up of subdomain strings separated by periods. Subdomain strings must begin with an alphabetic letter and may consist only of alphanumeric characters and hyphens. The domain name syntax is described in RFC 1035 (modified slightly in RFC 1123). Note: Domain names that are also valid numeric IP addresses, for example 10.19.76.100, though syntactically correct, are not allowed.

      For example, if you set the DNS Suffix to example.com and try to ping some host foo (by running ping foo), and foo cannot be resolved, then the resolving computer will try to resolve foo.example.com.
    2. IPv4 address or IPv6 of the Primary DNS Server. The server to use when resolving hostnames. This should be a host running a DNS server.
    3. (Optional) IPv4 or IPv6 address of the Secondary DNS Server. The server to use when resolving hostnames if the primary server does not respond. This should be a host running a DNS server.
    4. (Optional) IPv4 or IPv6 address of the Tertiary DNS Server. The server to use when resolving hostnames if the primary and secondary servers do not respond. This should be a host running a DNS server.

Configuring DNS - CLI (dns)

Description

Configure, show and delete the DNS servers and the DNS suffix for the Gaia computer.

Syntax

To configure the DNS servers and the DNS suffix for the Gaia computer:

set dns primary VALUE
set dns secondary VALUE
set dns tertiary VALUE
set dns suffix VALUE
 

To show the DNS servers and the DNS suffix for the Gaia computer:

show dns primary
show dns secondary
show dns tertiary
show dns suffix
 

To delete the DNS servers and the DNS suffix for the Gaia computer:

delete dns primary
delete dns secondary
delete dns tertiary
delete dns suffix
 

Parameters

primary VALUE

The server to use when resolving hostnames. This should be a host running a DNS server. An IPv4 or IPv6 address

secondary VALUE

The server to use when resolving hostnames if the primary server does not respond. This should be a host running a DNS server. An IPv4 or IPv6 address

tertiary VALUE

The server to use when resolving hostnames if the primary and secondary servers do not respond. This should be a host running a DNS server. An IPv4 or IPv6 address

suffix VALUE

The name that is put at the end of all DNS searches if they fail. By default, it should be the local domain name.

A valid domain name suffix is made up of subdomain strings separated by periods. Subdomain strings must begin with an alphabetic letter and may consist only of alphanumeric characters and hyphens. The domain name syntax is described in RFC 1035 (modified slightly in RFC 1123). Note: Domain names that are also valid numeric IP addresses, for example 10.19.76.100, though syntactically correct, are not allowed.

For example, if you set the DNS Suffix to example.com and try to ping some host foo (by running ping foo), and foo cannot be resolved, then the resolving computer will try to resolve foo.example.com.

 

IPv4 Static Routes

A static route defines the destination and one or more paths (next hops) to get to that destination. You define static routes manually using the WebUI or the set static-route command from the CLI.

Static routes let you add paths to destinations that are unknown by dynamic routing protocols. You can define multiple paths (next hops) to a destination and define priorities for selecting a path. Static routes are also useful for defining the default route.

Static route definitions include these parameters:

  • Destination IP address.
  • Route type:
    • Normal - Accepts and sends packets to the specified destination.
    • Reject - Drops packets and sends an error message to the traffic source.
    • Black hole - Drops packets, but does not send an error message.
  • Next-hop gateway type:
    • Address - Identifies the next hop gateway by its IP address.
    • Logical - Identifies the next hop gateway by the interface that connects to it. Use this option only if the next hop gateway has an unnumbered interface.
  • Gateway identifier - IP address or interface name.
  • Priority (Optional) - Assigns a path priority when there are many different paths.
  • Rank (Optional) - Selects a route when there are many routes to a destination that use different routing protocols. You must use the CLI to configure the rank.

Configuring IPv4 Static Routes - WebUI

You can configure static routes one at a time or use the Batch Mode to configure many routes simultaneously.

To configure one static route at a time:

  1. In the WebUI navigation tree, select IPv4 Static Routes.
  2. In the IPv4 Static Routes pane, click Add
    or
    Select a route and click Edit to change an existing route.
  3. In the Add (or Edit) Destination Route window, enter the IPv4 address and subnet mask.
  4. Select the Next Hop Type.
    • Normal - Accepts and sends packets to the specified destination.
    • Reject - Drops packets and sends an error message to the traffic source.
    • Black Hole - Drops packets, but does not send an error message.
  5. Click Add gateway or double-click an existing gateway.
  6. For new interfaces only, select an interface type.
    • Normal - Identifies the destination gateway by its IP address.
    • Network Interface - Identifies the next hop gateway by the interface that connects to it. Use this option only if the next hop gateway has an unnumbered interface. This option is known as a logical interface in the CLI.
  7. Optional: Select Local Scope. Defines a static route with a link-local scope. Use this setting on a cluster member when the ClusterXL Virtual IP address is in a different subnet than the physical interface address. This allows the cluster member to accept static routes on the subnet of the Cluster Virtual address.
  8. Optional: Select Ping to send periodic ICMP packets to the route destination.

    This action makes sure that the connection is alive. If no answer is returned, the route is deleted from the routing table.

  9. Optional: Enter or select a Rank.

    This a route priority value to use when there are many routes to a destination that use different routing protocols. The route with the lowest rank value is selected. Default = 0.

  10. In the Add (or Edit) Interface gateway window, enter the IP address or interface name.
  11. Select a Priority between 1 and 8. The priority sets the order for selecting the next hop among many gateways. 1 (default) is the highest priority and 8 is the lowest. This parameter is required.

Configuring Many Static Routes at Once

You can use the batch mode to configure multiple static routes in one step.

Note - You cannot configure a network (logical) interface using this option.

To add many static routes at once:

  1. In the WebUI navigation tree, select Static Routes.
  2. In the Static Routes pane, click Add Multiple Static Routes.
  3. In the Add Multiple Routes window, select the Next Hop Type.
    • Normal - Accepts and sends packets to the specified destination
    • Reject - Drops packets and sends an error message to the traffic source
    • Black Hole - Drops packets, but does not send an error message
  4. Add the routes in the text box, using this syntax:

    <Destination IP>/<Mask length> <Next Hop IP> [<Comment>]

    default - Use this as an alternative to the default route IP address

    Destination IP - Destination IP address using dotted decimal notation

    Mask length - Net mask using slash (/xx) notation

    Next Hop IP - Next hop gateway IP address using dotted decimal notation

    Comment - Optional free text comment

    Examples:

    default 192.0.2.100 192.0.2.1 "Default Route"

    192.0.2.200 192.0.2.18

  5. Click Apply.

    The newly configured more static routes show in the list of Static Routes in the Static Routes page.

Note - The text box shows entries that contain errors with messages at the top of the page.
  1. Correct errors and reload the affected routes.
  2. Click the Monitoring tab to make sure that the routes are configured correctly.

Configuring Static Routes - CLI (static-route)

You only use the set operation with the static-route command, even when adding or deleting a static route.

Description

Add, change or delete an IPv4 static route.

Syntax

set static-route <Destination>

nexthop gateway address <GW IP> [priority <P Value>] on|off

nexthop gateway logical <GW IF> [priority <P Value>] on|off

nexthop blackhole

nexthop reject

 

set static-route <Destination> off

set static-route <Destination> rank <0-255>

Parameter

nexthop

Defines the next hop path, which can be a gateway, blackhole or reject.

gateway

Accepts and sends packets to the specified destination.

blackhole

Drops packets, but does not send an error message.

reject

Drops packets and sends an error message to the traffic source.

address

Identifies the next hop gateway by its IP address.

logical

Identifies the next hop gateway by the interface that connects to it. Use this option only if the next hop gateway has an unnumbered interface.

priority

Assigns a path priority when there are many different paths. The available path with the lowest priority value is selected.

on

Adds the specified route or next hop.

off

Deletes the specified route or next hop. If you specify a next hop, only the specified path is deleted. If no next hop is specified, the route and all related paths are deleted.

rank

Selects a route when there are many routes to a destination that use different routing protocols. The route with the lowest rank value is selected.

Use the rank keyword in place of the nexthop keyword with no other parameters.

 

Values

<Destination>

Destination IP address using dotted decimal/mask length (slash) notation. You can use the default keyword instead of an IP address when referring to the default route.

<GW IP>

Gateway IP address in dotted decimal notation in dotted decimal format without a net mask.

<GW IF>

Name of the interface that connects to the next hop gateway.

<P Value>

Priority. An integer between 1 and 8 (default=1).

<Rank Value>

Rank. An integer between 0 and 255 (default=0).

 

Examples

 
set static-route 192.0.2.100 nexthop gateway address 192.0.2.155 on
set static-route 192.0.2.100 nexthop gateway address 192.0.2.18 off
set static-route 192.0.2.0/24 off
set static-route 192.0.2.100 nexthop blackhole
set static-route 192.0.2.0/24 rank 2
 

Comments

There are no add commands for the static-route feature. To show static routes, run

show route static
 


CLI Procedures


This section includes some basic procedures for managing static routes using the CLI.


To show static routes, run


show route static






 Codes: C - Connected, S - Static, R - RIP, B - BGP,


       O - OSPF IntraArea (IA - InterArea, E - External, N - NSSA)


       A - Aggregate, K - Kernel Remnant, H - Hidden, P - Suppressed


 


S     0.0.0.0/0           via 192.168.3.1, eth0, cost 0, age 164115


S     192.0.2.100      is a blackhole route


S     192.0.2.240     is a reject route










To add a static route, run:


set static-route <Destination> nexthop gateway <GW IP> on


set static-route <Destination> nexthop gateway <GW IF> on


Destination - Destination IP address.
GW IP - Next hop gateway IP address.
GW IF - Interface that connects to the next hop.


Example:


set static-route 192.0.2.100 nexthop gateway address 192.0.2.10 on
set static-route 192.0.2.100 nexthop gateway logical 192.0.2.10 on


To add a static route with paths and priorities, run:


set static-route <Destination> nexthop gateway <GW ID> priority <P Value>


Destination - Destination IP address
GW IP - Next hop gateway IP address
P Value - Integer between 1 and 8 (default =1)


Run this command for each path, assigning a priority value to each. You can define two or more paths using the same priority to specify a backup path with equal priority.


Examples:


set static-route 192.0.2.100 nexthop gateway address 192.0.2.10 on
priority 1


set static-route 192.0.2.100 nexthop gateway address 192.0.2.10 on
priority 1


set static-route 192.0.2.0/24 nexthop gateway logical eth4 on priority 2


set static-route 192.0.2.0/24 nexthop gateway logical eth5 on priority 3




To add a static route where packets are dropped, run:


set static-route <Destination> nexthop reject


set static-route <Destination> nexthop blackhole


Destination - Destination IP address.
Reject - Drops packets and sends an error message to the traffic source.
Blackhole - Drops packets, but does not send an error message.


Examples:


set static-route 192.0.2.0/24 nexthop reject


or


set static-route 192.0.2.0/24 nexthop blackhole


To delete a route and all related paths, run:


set static-route <Destination> off


Destination - Destination IP address.


Example:


set static-route 192.0.2.0/24 off


To delete a path only, run:


set static-route <Destination> nexthop gateway <GW ID> off




Destination - Destination IP address.
GW ID - Next hop gateway IP address or interface name.


Example:


set static-route 192.0.2.10 nexthop gateway address 192.0.2.100 off


IPv6 Static Routes


Configuring IPv6 Static Routes - WebUI


You can configure IPv6 static routes one at a time.


To configure one static route at a time:


  1. In the WebUI navigation tree, select IPv6 Static Routes.
  2. In the IPv6 Static Routes pane, click Add 
    or
    Select a route and click Edit to change an existing route.
  3. In the Add (or Edit) Destination Route window, enter the IPv6 address and prefix
    (default = 64).
  4. Select the Next Hop Type.
    • Normal - Accepts and sends packets to the specified destination.
    • Reject - Drops packets and sends an error message to the traffic source.
    • Black Hole - Drops packets, but does not send an error message.
  5. Click Add Gateway or double-click an existing gateway.
  6. In the Add (or Edit) Gateway window, enter the IP address or interface name.
  7. Select a Priority between 1 and 8. The priority defines the sequence for selecting the next hop among many gateways. 1 is the highest priority and 8 is the lowest. This parameter is required.



						

						
							
					 
				

			

				
	

	


	
	

		
			

				

					Top of Page
					©2014 Check Point Software Technologies Ltd. All rights reserved.
					
						Download Complete PDF
						
						Send Feedback
						
						Print