I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

Hello Robert, you have to use *HOST in the SUBNETMASK value.

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

Thank you.

I've added the appropriate route.

I ran a traceroute before/after and no changes.

I can still do 3 part naming sql so that's good.

The real test will be when we tighten the firewall to ensure that only the one IP address can get in.

Hello Robert, you have to use *HOST in the SUBNETMASK value.

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

I think you've got it with the BINDIFC parameter.  We're using SRIOV so I have 2 "physical" interfaces with a bunch of virtual interfaces built on top of them.  We use BINDIFC(*NONE) so the system will use either of the physical interfaces.  If one goes down, it will use the other.  In your case you're trying to do the opposite (force traffic to a particular destination to bind to a specific local interface).

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

We have a very fault tolerant setup.  Ethernet is served from multiple VIOS lpars using multiple FC adapters, etc.  Still shows up as one line description to that lpar of IBM i.  So it's not like binding to one particular IP address chokes down any of our fault tolerances.  The other IP addresses are simply for stuff like

https://functiona.dekko.com

https://functionB.dekko.com

...

I think you've got it with the BINDIFC parameter.  We're using SRIOV so I have 2 "physical" interfaces with a bunch of virtual interfaces built on top of them.  We use BINDIFC(*NONE) so the system will use either of the physical interfaces.  If one goes down, it will use the other.  In your case you're trying to do the opposite (force traffic to a particular destination to bind to a specific local interface).

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.

Yup I think that's definitely the way to go these days.  Our setup was done by a business partner when SRIOV was what all the "cool kids" were doing!

We have a very fault tolerant setup.  Ethernet is served from multiple VIOS lpars using multiple FC adapters, etc.  Still shows up as one line description to that lpar of IBM i.  So it's not like binding to one particular IP address chokes down any of our fault tolerances.  The other IP addresses are simply for stuff like

https://functiona.dekko.com

https://functionB.dekko.com

...

I think you've got it with the BINDIFC parameter.  We're using SRIOV so I have 2 "physical" interfaces with a bunch of virtual interfaces built on top of them.  We use BINDIFC(*NONE) so the system will use either of the physical interfaces.  If one goes down, it will use the other.  In your case you're trying to do the opposite (force traffic to a particular destination to bind to a specific local interface).

I have a DMZ lpar with multiple addresses of 208.x.x.x on subnet 255.255.255.0
I have an internal lpar at address 10.y.y.y on subnet 255.255.254.0
The *DFTROUTE for the DMZ lpar is 208.x.x.1, subnet *NONE.
The DMZ lpar supports multiple interfaces (IP addresses).  However I would like all traffic from the DMZ lpar to this one internal lpar to bind from address 208.x.x.2
Is it as easy as adding another route like:
ADDTCPRTE RTEDEST('10.y.y.y') SUBNETMASK('255.255.254.0') NEXTHOP('208.x.x.1') BINDIFC('208.x.x.2') TEXT('Route for BRMS to SGCTLKIT')
On the ADDTCPRTE I believe I use the subnet mask of the destination and not the subnet mask of the source, right?
Sounds easy but I had a bad experience years ago trying to set up Schowler routes and I am a little cautious since.

I know that a few IBM i applications have their own way of "bind specific".  This app is not one of them.  And none of the other IP addresses have any business talking to this destination.