Routing Between Specific VLAN Subnets
In most cases, there is a one-to-one relationship between VLANs and subnets -- i.e., a VLAN in
most configurations is associated with one subnet. There are, however, situations in which an
administrator will associate more than one subnet with a VLAN. If multiple subnets are defined
within a VLAN, you can optionally specify a subnet as an additional argument to the
permit
command, as in this example:
eqcli >
vlan vlan1 permit vlan2:sn03
The above command enables ports configured for
vlan1
to route packets with a destination address
on subnet
sn03
defined in
vlan2
. Packets addressed to other subnets configured on
vlan2
will be
dropped.
Similarly, you’ll need to specify the reverse route: let’s say you only want to route packets to
vlan1
from ports configured for
vlan2
if they originated on subnet
sn03
. To accomplish this, you’ll
need to specifically add that VLAN/subnet combination to the permitted VLAN list for
vlan2
:
eqcli >
vlan vlan2 subnet sn03 permit vlan1
Source IP Address for Outbound Packets
When Equalizer originates connections to other hosts (for example, when Equalizer sends out
probes, queries an NTP or DNS server, etc.), the source IP address for outbound packets will be
the source network that was specified in the route configured for the subnet.
Subnet Routes and Global Default Route
Each subnet has a complete routing table. There is no explicit global default route setting that
applies to all subnets. To configure a global default route, you must define the same default route
on all subnets.
Copyright © 2014 Coyote Point Systems, A Subsidiary of Fortinet, Inc.
All Rights Reserved.
227
Equalizer Administration Guide
Summary of Contents for Equalizer GX Series
Page 18: ......
Page 32: ...Overview 32 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 42: ......
Page 52: ......
Page 64: ......
Page 72: ......
Page 76: ......
Page 228: ......
Page 238: ......
Page 476: ......
Page 492: ......
Page 530: ......
Page 614: ......
Page 626: ......
Page 638: ......
Page 678: ......
Page 732: ...Using SNMP Traps 732 Copyright 2014 Coyote Point Systems A Subsidiary of Fortinet Inc ...
Page 754: ......
Page 790: ......
Page 804: ......
Page 842: ......
Page 866: ......