Here, each organization gets a virtual system of its own. These connect to the main routing table
using pairs of loopback interfaces. The routing tables would have the following entries:
Routing Table main

Route #  Interface  Network         Gateway
1        main-wan   all-nets        wan_gw
2        main-vs1   pubip-vs1
3        main-vs2   pubip-vs2

Routing Table vs1

Route #  Interface  Network         Gateway
1        vs1-main   all-nets
2        vs1-lan    192.168.0.0/24

Routing Table vs2

Route #  Interface  Network         Gateway
1        vs2-main   all-nets
2        vs2-lan    192.168.0.0/24

Ethernet Interfaces

#  Name      IP Address     Routing Table
1  main-wan  ip_main-wan    main
2  vs1-lan   192.168.0.1    vs1
3  vs2-lan   192.168.0.254  vs2

Loopback Interfaces

#  Name      IP Address   Loop to   Routing Table
1  main-vs1  ip_main-wan  vs1-main  main
2  vs1-main  pubip-vs1    main-vs1  vs1
3  main-vs2  ip_main-wan  vs2-main  main
4  vs2-main  pubip-vs2    main-vs2  vs2
For each connection between a pair of virtual systems, a pair of loopback interfaces is required,
one for each system. When traffic is sent through main-vs1, it arrives on vs1-main. When traffic is
sent through vs1-main, it is received on main-vs1. This is exactly the same as with two NetDefend
Firewalls and two interfaces, one on each, with a connection between them.
The Routing Table Membership setting means that if a connection arrives on an interface, it will be
routed according to the routing table that the interface is a member of.
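
The following Python model is an added example, not part of the original manual or of NetDefendOS. It replays the tables above to show which interfaces a packet crosses, and that the overlapping 192.168.0.0/24 networks in vs1 and vs2 never meet. The addresses chosen for pubip-vs1, pubip-vs2 and the Internet host are constructed, and most-specific-route selection is an assumption of the model.

```python
import ipaddress

# Constructed sample values for the manual's symbolic names (assumptions).
NETS = {"all-nets": "0.0.0.0/0", "pubip-vs1": "203.0.113.1/32",
        "pubip-vs2": "203.0.113.2/32"}
# Routing tables as (interface, network), copied from the tables above.
ROUTES = {
    "main": [("main-wan", "all-nets"), ("main-vs1", "pubip-vs1"),
             ("main-vs2", "pubip-vs2")],
    "vs1": [("vs1-main", "all-nets"), ("vs1-lan", "192.168.0.0/24")],
    "vs2": [("vs2-main", "all-nets"), ("vs2-lan", "192.168.0.0/24")],
}
# Routing Table Membership of every interface.
MEMBER = {"main-wan": "main", "main-vs1": "main", "main-vs2": "main",
          "vs1-lan": "vs1", "vs1-main": "vs1",
          "vs2-lan": "vs2", "vs2-main": "vs2"}
# Loopback pairs, from the "Loop to" column.
LOOP = {"main-vs1": "vs1-main", "vs1-main": "main-vs1",
        "main-vs2": "vs2-main", "vs2-main": "main-vs2"}
# Own IP address of the virtual-system side of each loopback pair.
LOCAL = {"vs1-main": "203.0.113.1", "vs2-main": "203.0.113.2"}

def lookup(table, dst):
    """Most specific matching route in one table; returns the egress interface."""
    addr, best = ipaddress.ip_address(dst), None
    for iface, net in ROUTES[table]:
        network = ipaddress.ip_network(NETS.get(net, net))
        if addr in network and (best is None or network.prefixlen > best[1]):
            best = (iface, network.prefixlen)
    return best[0] if best else None

def trace(ingress, dst, max_hops=8):
    """List the interfaces a packet crosses, starting at its ingress interface."""
    path, iface = [ingress], ingress
    for _ in range(max_hops):
        egress = lookup(MEMBER[iface], dst)   # table chosen by membership
        if egress is None:
            break
        path.append(egress)
        if egress not in LOOP:                # left on an Ethernet interface
            break
        iface = LOOP[egress]                  # arrives on the paired loopback
        path.append(iface)
        if LOCAL.get(iface) == dst:           # addressed to that interface itself
            break
    return path

if __name__ == "__main__":
    for src, dst in [("vs1-lan", "198.51.100.10"), ("vs1-lan", "192.168.0.254"),
                     ("main-wan", "203.0.113.1")]:
        print(src, "->", dst, ":", " > ".join(trace(src, dst)))
```

A packet from vs1-lan addressed to 192.168.0.254 (the address of vs2-lan) is routed back onto vs1-lan, because routing table vs1 holds no route that leads to vs2.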
Chapter 4: Routing