ntls bind

Binds the network trust link service (NTLS) to a network device. You can bind NTLS to a specific device (eth0, eth1, eth2, or eth3), all devices (eth0, eth1, eth2, and eth3) or to a bonded interface (bond0 or bond1). See network interface bonding for more information about creating a bonded interface.

NOTE   You can bind your NTLS traffic to an IPv4 or IPv6 device, but not to both IPv4 and IPv6 devices simultaneously. If some of the network devices on your Luna Network HSM are configured with IPv4 addresses, while others are configured with IPv6 addresses, the ntls bind all command will bind NTLS to all IPv4 devices, while the ntls bind all -ipv6 command will bind NTLS to all IPv6 devices.

You must restart the NTLS service for the change to take effect (see service restart):

> if the device you are binding to is configured and active, the NTLS traffic is bound to the new device immediately after NTLS restarts.

>if the device you are binding to is not configured or is inactive, the NTLS binding configuration is updated, but the NTLS traffic keeps its current binding. The NTLS traffic will begin using the new configuration only after you configure and connect the interface so that it becomes active, and restart the NTLS service.

If you wish, client traffic restriction could complement SSH traffic restriction using the command sysconf ssh ip or sysconf ssh device, which restrict administrative traffic (over SSH) to a specific IP address or device name on your Luna Network HSM.

User Privileges

Users with the following privileges can perform this command:

>Admin

>Operator

Syntax

ntls bind <netdevice> [-force] [-ipv6]

Argument(s) Shortcut Description
-force -f Force the action without prompting.
-ipv6 -i Use with ntls bind all to bind all IPv6 devices. This parameter is not required when binding to a specific IPv6 device (eth0, eth1, eth2, or eth3), or a specific bonded device (bond0 or bond1).
<netdevice>  

Specifies the network device you want to bind to the NTLS service. All NTLS traffic to the appliance will use the specified network device.

Valid values:

all: Bind to all devices. Use without the -ipv6 parameter to bind to all IPv4 devices. Use with the -ipv6 parameter to bind to all IPv6 devices.

bond0: Bind to the bond0 interface. See network interface bonding.

bond1: Bind to the bond1 interface.

eth0: Bind to the eth0 device.

eth1: Bind to the eth1 device.

eth2: Bind to the eth2 device.

eth3: Bind to the eth3 device.

Default:

all (0.0.0.0). This will bind to all IPv4 devices.

Example

lunash:>ntls bind eth0
 
NTLS binding set to network device eth0. You must restart the NTLS service for the new settings to take effect.
If you are sure that you wish to restart NTLS, then type 'proceed', otherwise type 'quit'
>proceed Proceeding...
Restarting NTLS service...
Stopping ntls:                           [ OK  ]
Starting ntls:                           [ OK  ]
Command Result : 0 (Success)