From owner-freebsd-stable Fri Jan 28 6:11:26 2000 Delivered-To: freebsd-stable@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 70B7114BE9 for ; Fri, 28 Jan 2000 06:11:21 -0800 (PST) (envelope-from freebsd@gndrsh.dnsmgr.net) Received: (from freebsd@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id GAA81282; Fri, 28 Jan 2000 06:11:09 -0800 (PST) (envelope-from freebsd) From: "Rodney W. Grimes" Message-Id: <200001281411.GAA81282@gndrsh.dnsmgr.net> Subject: Re: Odd DoS In-Reply-To: <38919B3A.FFA1E70D@nisser.com> from Roelof Osinga at "Jan 28, 2000 02:35:54 pm" To: roelof@nisser.com (Roelof Osinga) Date: Fri, 28 Jan 2000 06:11:08 -0800 (PST) Cc: kuzak@kuzak.net (Kuzak), freebsd-stable@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > "Rodney W. Grimes" wrote: > > > > Fix your netmask on your alias and these will go away. If your > > using an IP address as an alias it should have a netmask of 0xffffffff. > > No they don't. Details are in the archives, b.t.w. Nonetheless I > take it you mean something like: > > ifconfig_ep1="inet 212.187.0.39 netmask 255.255.248.0" ^^^^^^ Are you really supernetted here? This could be a major part of your problem. Don't you mean ``255.255.255.248''? > #used to be > #ifconfig_ep1_alias0="inet 194.134.130.170 194.134.128.1 netmask > 255.255.252.0" The above won't even parse correctly by ifconfig, 2 ip's???? and again, is this network SUPERNETTED? Or is the netmask suppose to actually be 255.255.255.252? > #according to some: > ifconfig_ep1_alias0="inet 194.134.130.170 netmask 255.255.255.255" > #ifconfig_le0="inet 194.134.130.170 netmask 255.255.252.0" > #defaultrouter="10.0.0.10" > #defaultrouter="194.134.128.1" > defaultrouter="212.187.0.1" > #static_routes="euronet" > #route_euronet="194.134.0.0 194.134.128.1" > > The only difference is that a -1 netmask results in less ARP > failures. And you'll probably get even less if your really have an off by <<8 in your netmask and you fix it... > > Anyway, I think it has been written to facilitate aliassed addresses > within the same subnet. I.e. all having the same gateway. The above > is an unforeseen case and that it works at all is a compliment to > the coder(s). > > Mine is probably a special case, and temporary to boot. I can live > with the: > > ... > arplookup 194.134.128.1 failed: host is not on local network > arplookup 194.134.128.1 failed: host is not on local network > file: table is full > file: table is full > ... What does your routing table look like??? > > until the time I can do without the alias. Apparantly, so can > FreeBSD. It has been 41 days since the last CVSup . > > Having tested most, if not all, permutations possible in the config > above by commenting and uncommenting appropriate sections; not to > mention the manual fiddling with routes, ifconfigs and ARP tables > I do feel justified in pointing out that it might very well be > caused by having an alias on a different subnet. I do this all the time to route between 2 subnets on the same physical ethernet on 1 physical interface on 1 box. It works just fine, I don't get bottles of arplookup's unless I blow one of the netmask some place or a -interface route. -- Rod Grimes - KD7CAX @ CN85sl - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message