• IPRoleMapperConfiguration

IP-Role Mapper Service Configuration

The IP-Role mapper service is quite easy to configure and its configuration may be modified "on the fly", that is, the service will reload the configuration file when it detects any modifications.

The configuration file is just an XML file containing a list of IP ranges enclosed in an <ipranges> element, each of the IP ranges must have a begin and an end address specified in its attributes and must contain at least one <role> element, and optionally an arbitrary number of roles. Each individual IP range in the configuration file may apply either IPv4 or IPv6 addresses, that is, the begin and end address of each range must be of the same type. However, mixing IPv4 and IPv6 IP ranges in the same configuration file is accepted.

.... single host range....

This is an example of an IPv4 <iprange> element:

    <iprange begin="130.225.24.0" end="130.225.25.255">
        <!-- Inhouse non-NAT addresses -->
        <role>inhouse</role>
    </iprange>

ELABORATE: - IPv4, IPv6 - Multiple roles - Comments

<?xml version="1.0" encoding="UTF-8"?>
<ipranges>
    <iprange begin="130.225.24.0" end="130.225.25.255">
        <!-- Inhouse non-NAT addresses -->
        <role>inhouse</role>
    </iprange>
    <iprange begin="130.225.26.33" end="130.225.26.33">
        <!-- External addresses for inhouse NAT addresses -->
        <role>inhouse</role>
    </iprange>
    <iprange begin="130.255.26.35" end="130.255.26.35">
        <!-- External addresses for VPN NAT addresses -->
        <role>inhouse</role>
    </iprange>
    <iprange begin="172.16.7.0" end="172.16.7.255">
        <!-- Inhouse VPN NAT addresses -->
        <role>inhouse</role>
    </iprange>
    <iprange begin="172.18.0.0" end="172.18.255.255">
        <!-- Inhouse NAT addresses -->
        <role>inhouse</role>
    </iprange>
</ipranges>