How do you limit a license server to only listen via a specific network card on a system with multiple NICs?

Summary

How do you limit a license server to only listen via a specific network card on a system with multiple NICs?

Question

Is there any way to tie a license server to a specific network card in terms of what the vendor daemon actually listens for license requests? For example, when running license servers that are multi-homed (e.g. multiple network cards) on a Linux system, you can see by running lsof -ni :port that lmgrd and the vendor daemon are both listening on all networks. Can FNP be configured to be only listening on the network card they are bound to by hostid?

Answer

By design, the license server is listening on IP address 0.0.0.0, meaning it listens for network traffic from all NICs. Listening on 0.0.0.0 is normal for server applications.

These needs can be met by adding rules to disable traffic from specific NIC/Subnet in your firewall, or by adding some exclude IP/hostname via FNP's Options file to reject checkout request from part of your IP addresses or hostnames. There is no way in FNP to select a particular network card. I.e., it is not possible to have license server (lmgrd) to listen on a specific IP address instead of the 0.0.0.0.

While you can?t bind the scope to the network card, what you're trying to do should work based on which interface the DHCP traffic is received on; as long as you have a scope defined that is correct for each interface. DHCP servers take into account the IP address of the interface on which the incoming request was received. In the case of relays the IP of the interface the relay received the request is included as part of the forward request. So if a computer receives a request on the interface 10.90.63.1/24 then it will assign an address from the 10.90.63.0/24 scope.

So all you have to do is make sure the VLAN card associated with the license server has a static address assigned that is valid for that network, and then activate the scope.