Manualsbrain.com
  1. Manuais
  2. Marcas
  3. Cisco
  4. Cisco Email Security Appliance C170
  5. Guia Do Utilizador

Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

Download
Página de 460
 
B-2
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Appendix B      Assigning Network and IP Addresses
An IP address identifies a physical interface on any given network. A physical Ethernet interface can 
have more than one IP address for which it accepts packets. An Ethernet interface that has more than one 
IP address can send packets over that interface with any one of the IP addresses as the source address in 
the packet. This property is used in implementing Virtual Gateway technology.
The purpose of a netmask is to divide an IP address into a network address and a host address. The 
network address can be thought of as the network part (the bits matching the netmask) of the IP address. 
The host address is the remaining bits of the IP address. The number of bits in a four octet address that 
are significant are sometimes expressed in CIDR (Classless Inter-Domain Routing) style. This is a slash 
followed by the number of bits (1-32). 
A netmask can be expressed in this way by simply counting the ones in binary, so 
255.255.255.0
 
becomes “
/24
” and 
255.255.240.0
 becomes “
/20
”.
Sample Interface Configurations
This section shows sample interface configurations based on some typical networks. The example will 
use two interfaces called Int1 and Int2. In the case of the Cisco IronPort appliance, these interface names 
can represent any two interfaces out of the three Cisco IronPort interfaces (Management, Data1, Data2).
Network 1:
Separate interfaces must appear to be on separate networks. 
Data addressed to 
192.168.1.X
 (where X is any number 1-255, except for your own address, 10 in this 
case) will go out on Int1. Anything addressed to 
192.168.0.X
 will go out on Int2. Any packet headed 
for some other address not in these formats, most likely out on a WAN or the Internet, will be sent to the 
default gateway which must itself be on one of these networks. The default gateway will then forward 
the packet on.
Network 2:
The network addresses (network parts of the IP addresses) of two different interfaces cannot be the same.
This situation presents a conflict in that two different Ethernet interfaces have the same network address. 
If a packet from the Cisco IronPort appliance is sent to 
192.168.1.11
, there is no way to decide which 
Ethernet interface should be used to deliver the packet. If the two Ethernet interfaces are connected to 
two separate physical networks, the packet may be delivered to the incorrect network and never find its 
destination. The Cisco IronPort appliance will not allow you to configure your network with conflicts.
You can connect two Ethernet interfaces to the same physical network, but you must construct IP 
addresses and netmasks to allow the Cisco IronPort appliance to select a unique delivery interface.
    Interface
 IP address
netmask
net address
    Int1
192.168.1.10
255.255.255.0
192.168.1.0/24
    Int2
192.168.0.10
255.255.255.0
192.168.0.0/24
Ethernet Interface
 IP address
 netmask
net address
    Int1
192.168.1.10
255.255.0.0
192.168.0.0/16
    Int2
192.168.0.10
255.255.0.0
192.168.0.0/16