This just isn't ever going to work. The Linux kernel routes based on IP address, you cannot ever route based on a name. You can try to lookup the name and cache the IP address, but how frequently do you update that? This is just a can of worms... Not to mention if you did this guess what... you're exporting ranges of IP addresses. This fixed what exactly?
The only sane way out is API integration so that Amazon can push updated information at the point of change to all platforms. NGFW cannot do this, nor can Sonicwall or anything else.
So I'm back to asking what your use case is, because it's time to get creative.
-
OpenVPN exported networks
I want to allow an AWS load balancer to be exported and allowed on my network. Something like example.us-east-1.rds.amazonaws.com. The problem is that Untangle currently only supports CIDR networks and the load balancer constantly changes IPs. Is there any way of adding to the exported networks an FQDN or URL that changes IPs?
Right now I am exporting entire ranges of IPs which kinda defeats the point of exporting networks.
Leave a comment: