Go to main content

Securing the Network in Oracle® Solaris 11.3

Exit Print View

Updated: September 2018
 
 

How to Set Strict Multihoming

For systems that are gateways to other domains, such as a firewall or a VPN node, use this procedure to turn on strict multihoming. The hostmodel property controls the send and receive behavior for IP packets on a multihomed system.

Before You Begin

You must become an administrator who is assigned the Network Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.3.

  1. Set the hostmodel property to strong for IP packets.
    # ipadm set-prop -p hostmodel=strong ipv4
    # ipadm set-prop -p hostmodel=strong ipv6
  2. Verify the current value and note the possible values.
    # ipadm show-prop -p hostmodel ip
    PROTO  PROPERTY    PERM CURRENT   PERSISTENT   DEFAULT   POSSIBLE
    ipv6   hostmodel   rw   strong    strong       weak      strong,src-priority,weak
    ipv4   hostmodel   rw   strong    strong       weak      strong,src-priority,weak

See Also

For more information, see hostmodel (IPv4 or IPv6) in Oracle Solaris 11.3 Tunable Parameters Reference Manual and the ipadm(1M) man page.

For more information about the use of strict multihoming, see How to Protect the Connection Between Two LANs With IPsec in Tunnel Mode.