Presumably when a 171.x.x.x Xymon client wants to talk to the Xymon server, which has a 2.x.x.x address, the client routes its packets to the firewall which then routes them back to the server, this is standard packet routing. You will need to ensure that you have firewall rules in place to allow this though...
Alternatively if you have a spare interface on your Xymon server you could configure that with a 171.x.x.x address, connect it into a convenient switch and have the 171. clients send to that address instead. The clients will still be referred to by their 171. address in the server's bb-hosts file, you are simply stopping packets routing to the firewall and back. I do something similar with my Xymon server and clients.
HTH
|\/|artin
-----Original Message-----
From: David Masterson (damaster) [mailto:damaster at cisco.com]
Sent: 12 February 2009 19:04
To: hobbit at hswn.dk
Subject: [hobbit] Servers (and clients) with multiple IPs ?
In my environment, we have a lab where all the systems are onthe 2.x.x.x subnet. This subnet is firewalled such that it's not visible to the rest of the company. However, there are some systems in the lab that have 171.x.x.x IPs and the firewall translates those IPs to the appropriate 2.x.x.x IP so that communications can be established out of the lab. Effectively, these systems have two IP addresses. In fact, I've put Xymon on several of these systems (including the Xymon server). While I was setting up Xymon clients that were just in the lab, there was no problem as I'd just identify all the systems by their 2.x.x.x IP. My question, though, is how to configure things on clients that are outside the lab. Obviously, when I configure the outside clients, I'll have to identify the server by it's 171.x.x.x IP. The server, though, is identified by its 2.x.x.x IP in the bb-hosts file. Will this be a problem? Are there any gotchas to watch out for? David Masterson
Taglocity <http://www.taglocity.com> Tags: Systems, SysMgmt,SystemMonitor, XYmon
The message is intended for the named addressee only and may not be disclosed to or used by anyone else, nor may it be copied in any way.
The contents of this message and its attachments are confidential and may also be subject to legal privilege. If you are not the named addressee and/or have received this message in error, please advise us by e-mailing security at colt.net and delete the message and any attachments without retaining any copies.
Internet communications are not secure and COLT does not accept responsibility for this message, its contents nor responsibility for any viruses.
No contracts can be created or varied on behalf of COLT Telecommunications, its subsidiaries or affiliates ("COLT") and any other party by email Communications unless expressly agreed in writing with such other party.
Please note that incoming emails will be automatically scanned to eliminate potential viruses and unsolicited promotional emails. For more information refer to www.colt.net or contact us on +44(0)20 7390 3900.