From owner-freebsd-stable Wed Oct 9 17:20:13 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E585037B401 for ; Wed, 9 Oct 2002 17:20:11 -0700 (PDT) Received: from devil.tebokkel.com (ptb.xs4all.nl [80.126.6.185]) by mx1.FreeBSD.org (Postfix) with ESMTP id 25DAF43E4A for ; Wed, 9 Oct 2002 17:20:10 -0700 (PDT) (envelope-from paul@tebokkel.com) Received: from devil.tebokkel.com (localhost [127.0.0.1]) by devil.tebokkel.com (8.12.6/8.12.6) with ESMTP id g9A0JwKt012698; Thu, 10 Oct 2002 02:19:58 +0200 (CEST) (envelope-from paul@devil.tebokkel.com) Received: (from paul@localhost) by devil.tebokkel.com (8.12.6/8.12.6/Submit) id g9A0Jvw3012697; Thu, 10 Oct 2002 02:19:57 +0200 (CEST) (envelope-from paul) Date: Thu, 10 Oct 2002 02:19:56 +0200 From: Paul te Bokkel To: Matthew Dillon Cc: Bill Moran , Thomas Quinot , freebsd-stable@FreeBSD.ORG Subject: Re: Setup routing entry for host with a non-local IP address Message-ID: <20021010001956.GA58085@tebokkel.com> References: <20021009151733.GA15162@melusine.cuivre.fr.eu.org> <20021009210242.GA34352@tebokkel.com> <3DA49D72.6070205@potentialtech.com> <200210092201.g99M1YTA007964@apollo.backplane.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200210092201.g99M1YTA007964@apollo.backplane.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Wed, Oct 09, 2002 at 03:01:34PM -0700, Matthew Dillon wrote: > Yes, you can put multiple subnets or multiple addresses on the same > subnet on the same physical interface. I do it all the time: > > fxp0: flags=8843 mtu 1500 > inet 216.240.41.17 netmask 0xffffffc0 broadcast 216.240.41.63 > inet 10.0.0.2 netmask 0xffffff00 broadcast 10.0.0.255 > inet 216.240.41.21 netmask 0xffffffff broadcast 216.240.41.21 That's what I said.. However, I would never use the above setup if it's supposed to be secure. Anyone with access to a machine in the 41.1-41.62 range would be able to sniff the 10-net, which would not like. (maybe your setup allows for this, but I wouldn't mind the cost of a $6 el-cheapo NIC and a crosscable to get more secure, it's even cheaper than the time spend typing this mail ;-) ). > > There a couple of issues here. First, you have to think of the > physical interface as being two physical interfaces even though > there is really just one. But in the case of two physical interfaces on the same (physical) segment, you get ARP errors. With aliases, you don't. Regards, Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message