From owner-freebsd-stable Thu Feb 28 8:21:33 2002 Delivered-To: freebsd-stable@freebsd.org Received: from gromit.solo.net (gromit.solo.net [64.23.55.189]) by hub.freebsd.org (Postfix) with ESMTP id 3B97037B417 for ; Thu, 28 Feb 2002 08:21:00 -0800 (PST) Received: (from root@localhost) by gromit.solo.net (8.11.6/8.11.6) id g1SGPda28068 for freebsd-stable@freebsd.org; Thu, 28 Feb 2002 11:25:39 -0500 (EST) (envelope-from dak@solo.net) Received: from [192.168.200.104] (localhost [127.0.0.1]) (authenticated) by gromit.solo.net (8.11.6/8.11.6av) with ESMTP id g1SGPb228059 for ; Thu, 28 Feb 2002 11:25:37 -0500 (EST) (envelope-from dak@solo.net) Mime-Version: 1.0 X-Sender: dak@mail.solo.net (Unverified) Message-Id: Date: Thu, 28 Feb 2002 11:20:55 -0500 To: freebsd-stable@freebsd.org From: "David A. Koran" Subject: Fwd: Re: ifconfig aliases Content-Type: multipart/alternative; boundary="============_-1197209238==_ma============" X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --============_-1197209238==_ma============ Content-Type: text/plain; charset="us-ascii" ; format="flowed" >Date: Thu, 28 Feb 2002 11:14:45 -0500 >To: cjclark@alum.mit.edu >From: "David A. Koran" >Subject: Re: ifconfig aliases >Cc: >Bcc: >X-Attachments: > >>On Wed, Feb 27, 2002 at 07:48:11PM -0800, Michael Sierchio wrote: >>> Crist J. Clark wrote: >>> >> > >>ifconfig_fxp0="inet AAA.BBB.CCC.190 netmask 255.255.255.128" >>> >>ifconfig_fxp0_alias0="inet AAA. BBB.DDD.209 netmask 255.255.255.248" >>> >>ifconfig_fxp0_alias1="inet AAA. BBB.DDD.210 netmask 255.255.255.248" >>> >>ifconfig_fxp0_alias2="inet AAA. BBB.DDD.211 netmask 255.255.255.248" >>> >>ifconfig_fxp0_alias3="inet AAA. BBB.DDD.212 netmask 255.255.255.248" >>> >>ifconfig_fxp0_alias4="inet AAA. BBB.DDD.213 netmask 255.255.255.248" >> > >>ifconfig_fxp0_alias5="inet AAA. BBB.DDD.214 netmask 255.255.255.248" >>> >> >>> > >>> > This was never "legal." It has always been a >>> > misconfiguration. However, depending on what you were doing, it may >>> > still have worked in spite of not making any sense. >>> >>> Care to expand a little bit? >> >>Looking at this more... it's a little weird. This machine has all of >>the addresses on this AAA.BBB.DDD.208/29 subnet? If you are using this >>as I imagine you are, perhaps putting them on the loopback device >>would be better. > >The scenario is as such. My ISP gives each machine you "lease" an IP >address on the network AAA.BBB.CCC.YYY. For "extra" IPs for any of >the machines you lease, they give you a block on AAA. BBB.DDD.ZZZ. >The mask for my block of extra IPs was 255.255.255.248. (I've also >done this config on ed0 and xl0 devices besides the fxp0). And as I >mentioned in my previous response, this configuration has worked for >a number of years, of which it just stopped working yesterday when I >brought this topic up. All the aliased addresses are on the /29 but >the base address is on another subnet entirely, go fig. > >> >>The most obvious question that arises when you want to reach another >>system on the same subnet as the aliases. Which address should be the >>source? > >Actually I can HTTP, SSH, and any other TCP/IP protocol to get to >another box (another FreeBSD with a similar config, aliases and all) >via any of those addresses on that interface. > > > >>Depending on how the code works, (1) you might get predictable >>behavior (it's always the first alias), (2) unpredictable behavior (it >>might be any one of them), or (3) broken behavior (it doesn't work at >>all or only works sometimes). It looks like you are seeing (3) at the >>moment. > >I'm betting it was broken behaviour that was mysteriously fixed.. >and thus, I had to "clean" my config. (BTW, the NAT and Firewall >instructions at FreeBSDDiary.org also list this way of aliasing >interfaces, so I'm to wonder where the bad info may have started... >maybe a kludge that worked for ages...) > > >>-- >>Crist J. Clark | cjclark@alum.mit.edu >> | cjclark@jhu.edu >>http://people.freebsd.org/~cjc/ | cjc@freebsd.org > > >-- > >David A. Koran >(dak@solo.net) - http://www.solo.net/~dak/ > >PGP Key ID: 0x8AC39F65 > >-----BEGIN GEEK CODE BLOCK----- >Version: 3.1 >GIT/CS/SS d- s+: a- C+++$ UBLHSX++++$ P+++$ L- E--- W+++ N- o-- K-? >w--- O- M+++$ V-- PS++ PE- Y+>++ PGP t--@ 5 X+ R- tv b+ DI++++ D G >e*>+++ h++ r y+ >------END GEEK CODE BLOCK------ -- David A. Koran (dak@solo.net) - http://www.solo.net/~dak/ PGP Key ID: 0x8AC39F65 -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/CS/SS d- s+: a- C+++$ UBLHSX++++$ P+++$ L- E--- W+++ N- o-- K-? w--- O- M+++$ V-- PS++ PE- Y+>++ PGP t--@ 5 X+ R- tv b+ DI++++ D G e*>+++ h++ r y+ ------END GEEK CODE BLOCK------ --============_-1197209238==_ma============ Content-Type: text/html; charset="us-ascii" Fwd: Re: ifconfig aliases
Date: Thu, 28 Feb 2002 11:14:45 -0500
To: cjclark@alum.mit.edu
From: "David A. Koran" <dak@solo.net>
Subject: Re: ifconfig aliases
Cc:
Bcc:
X-Attachments:
On Wed, Feb 27, 2002 at 07:48:11PM -0800, Michael Sierchio wrote:
> Crist J. Clark wrote:
>
> >>ifconfig_fxp0="inet AAA.BBB.CCC.190  netmask 255.255.255.128"
> >>ifconfig_fxp0_alias0="inet AAA. BBB.DDD.209 netmask 255.255.255.248"
> >>ifconfig_fxp0_alias1="inet AAA. BBB.DDD.210 netmask 255.255.255.248"
> >>ifconfig_fxp0_alias2="inet AAA. BBB.DDD.211 netmask 255.255.255.248"
> >>ifconfig_fxp0_alias3="inet AAA. BBB.DDD.212 netmask 255.255.255.248"
> >>ifconfig_fxp0_alias4="inet AAA. BBB.DDD.213 netmask 255.255.255.248"
> >>ifconfig_fxp0_alias5="inet AAA. BBB.DDD.214 netmask 255.255.255.248"
> >>
> >
> > This was never "legal." It has always been a
> > misconfiguration. However, depending on what you were doing, it may
> > still have worked in spite of not making any sense.
>
> Care to expand a little bit?

Looking at this more... it's a little weird. This machine has all of
the addresses on this AAA.BBB.DDD.208/29 subnet? If you are using this
as I imagine you are, perhaps putting them on the loopback device
would be better.

The scenario is as such. My ISP gives each machine you "lease" an IP address on the network AAA.BBB.CCC.YYY. For "extra" IPs for any of the machines you lease, they give you a block on AAA. BBB.DDD.ZZZ. The mask for my block of extra IPs was 255.255.255.248. (I've also done this config on ed0 and xl0 devices besides the fxp0). And as I mentioned in my previous response, this configuration has worked for a number of years, of which it just stopped working yesterday when I brought this topic up. All the aliased addresses are on the /29 but the base address is on another subnet entirely, go fig.


The most obvious question that arises when you want to reach another
system on the same subnet as the aliases. Which address should be the
source?

Actually I can HTTP, SSH, and any other TCP/IP protocol to get to another box (another FreeBSD with a similar config, aliases and all) via any of those addresses on that interface.



Depending on how the code works, (1) you might get predictable
behavior (it's always the first alias), (2) unpredictable behavior (it
might be any one of them), or (3) broken behavior (it doesn't work at
all or only works sometimes). It looks like you are seeing (3) at the
moment.

I'm betting it was broken behaviour that was mysteriously fixed.. and thus, I had to "clean" my config. (BTW, the NAT and Firewall instructions at FreeBSDDiary.org also list this way of aliasing interfaces, so I'm to wonder where the bad info may have started... maybe a kludge that worked for ages...)


--
Crist J. Clark                     |     cjclark@alum.mit.edu
                                   |     cjclark@jhu.edu
http://people.freebsd.org/~cjc/    |     cjc@freebsd.org


--
 
David A. Koran
(dak@solo.net) - http://www.solo.net/~dak/

PGP Key ID: 0x8AC39F65

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/SS d- s+: a- C+++$ UBLHSX++++$ P+++$ L- E--- W+++ N- o-- K-?
w--- O- M+++$ V-- PS++ PE- Y+>++ PGP t--@ 5 X+ R- tv b+ DI++++ D G
e*>+++ h++ r y+
------END GEEK CODE BLOCK------


--
David A. Koran
(dak@solo.net) - http://www.solo.net/~dak/

PGP Key ID: 0x8AC39F65

-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GIT/CS/SS d- s+: a- C+++$ UBLHSX++++$ P+++$ L- E--- W+++ N- o-- K-?
w--- O- M+++$ V-- PS++ PE- Y+>++ PGP t--@ 5 X+ R- tv b+ DI++++ D G
e*>+++ h++ r y+
------END GEEK CODE BLOCK------
--============_-1197209238==_ma============-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message