ShinobiLayer: Private NWへの新経路情報(について

More than 3 years have passed since last update.


SoftLayerにおいては、初期プロビジョニング時にPrivate NWへのstatic routeとして10.0.0.0/8がデフォルトで追加されていました。

2016/05/17に新規に投稿されたblog情報によると、SoftLayerのPrivate NW内のサービスを利用するためには、Private NW側へのroutingとして10.0.0.0/8だけでなく、も今後は追加設定する必要があるようです。既存環境にはすぐには影響はないとは思いますが、新たなサービスを利用するためには161.26.0.0/16を追加しないと動かないかもしれません(逆に、SoftLayerの新サービスは、上に載ってくる可能性が高そうです)。


[root@mynin2 ~]# date

Wed May 18 08:41:11 JST 2016

[root@mynin2 ~]# ip r
default via dev eth1 via dev eth0 dev eth0 proto kernel scope link src via dev eth0 dev eth1 proto kernel scope link src dev eth0 scope link metric 1002 dev eth1 scope link metric 1003

[root@mynin2 ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface UG 0 0 0 eth1 UG 0 0 0 eth0 U 0 0 0 eth0 UG 0 0 0 eth0 U 0 0 0 eth1 U 1002 0 0 eth0 U 1003 0 0 eth1

[root@mynin2 ~]# cat /etc/sysconfig/network-scripts/route-eth0 via via


Customers will see a new route configured on a newly provisioned customer host or on a customer host after a portal-initiated OS reload. This is part of a greater goal to enable new services and offerings for SoftLayer customers. This route will direct traffic addressed to hosts configured out of the network block ( - to the back end private gateway IP address configured on customer servers or virtual server instances.

The address space is assigned to SoftLayer by IANA and will not be advertised over the front end public network. This space will be used exclusively on SoftLayer’s backend private network, will never conflict with network addresses on the Internet, and should never conflict with address space used by third-party VPN service providers.

This new route is similar to the route already located on SoftLayer hosts, in that SoftLayer services are addressed out of both ranges. Also, both the route and the route will need to be configured on a customer host if it is required to access all SoftLayer services hosted on the back end private network. Unlike the range, the range will be used exclusively for SoftLayer services. Customers will need to ensure that ACL/firewalls on customer servers, virtual server instances, and gateway appliances are configured to allow connectivity to the network block to access these new services.

For more information on this new route, including how to configure existing systems to use them, read more on KnowledgeLayer.