From owner-freebsd-questions@FreeBSD.ORG Thu Aug 29 21:07:20 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id F30AC1F4 for ; Thu, 29 Aug 2013 21:07:19 +0000 (UTC) (envelope-from gibblertron@gmail.com) Received: from mail-ob0-x22b.google.com (mail-ob0-x22b.google.com [IPv6:2607:f8b0:4003:c01::22b]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id B8DD32923 for ; Thu, 29 Aug 2013 21:07:19 +0000 (UTC) Received: by mail-ob0-f171.google.com with SMTP id tb18so1096154obb.30 for ; Thu, 29 Aug 2013 14:07:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=4fEhibjDqflWMe5mZz3IuImU83hwQ9eZPCSZKE8Sc3Y=; b=cl7p5nd5cpsw0KfvW4bhaXFEGmB1CjPh83Uzikj+NSV1fsBPYeQJzIXU6x0QNCE6z6 m7Omf1OJyzQqsVcRRU/9LjI007dVU4so/kcC8h1WPp1mHwKQNqqv2nA83IlBDF7kD2/v SDuejhbExZCNnkRb8lL5No2ykLh/B6ufleuRi4tV6Nn95ia+exb74XR/NOkPoRhwXzuh RRPFh1h7KzhqdTZzx+8HPu9I43AtIxLp5y9ijI7LgX6fzjD1qkpFIEoN4ZBdXOOZylB2 E1rusubQLOeCkdTZiJY3OlP1ERbcs/uFGeLIPWsbojRmEZ5TSeccRW2rmDe+wv2Omvk7 lZ0w== MIME-Version: 1.0 X-Received: by 10.60.145.241 with SMTP id sx17mr3039131oeb.57.1377810436971; Thu, 29 Aug 2013 14:07:16 -0700 (PDT) Received: by 10.182.45.228 with HTTP; Thu, 29 Aug 2013 14:07:16 -0700 (PDT) In-Reply-To: References: <521DC5EC.1010701@fjl.co.uk> <521E5976.8000605@fjl.co.uk> <521F0BD6.7040306@fjl.co.uk> <521F0E6B.8020507@fjl.co.uk> Date: Thu, 29 Aug 2013 14:07:16 -0700 Message-ID: Subject: Re: Jail with public IP alias From: Patrick To: Alejandro Imass Content-Type: text/plain; charset=ISO-8859-1 Cc: Frank Leonhardt , FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Aug 2013 21:07:20 -0000 On Thu, Aug 29, 2013 at 12:07 PM, Alejandro Imass wrote: > On Thu, Aug 29, 2013 at 5:03 AM, Frank Leonhardt wrote: >> On 29/08/2013 09:52, Frank Leonhardt wrote: >>> > > Hi Frank thanks for taking the time to try to replicate this. Here is > all the detailed info > > 8.1-RELEASE > > em0: flags=8843 metric 0 mtu 1500 > options=209b > ether 00:31:88:bd:b9:3a > inet xxx.yyy.52.74 netmask 0xffffff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.70 netmask 0xffffff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.71 netmask 0xffffff80 broadcast xxx.yyy.52.127 > inet xxx.yyy.52.73 netmask 0xffffff80 broadcast xxx.yyy.52.127 > media: Ethernet autoselect (1000baseT ) > status: active > > I use rc.conf standard practice for aliases: > > ifconfig_em0="inet xxx.yyy.52.74 netmask 255.255.255.128 -tso" > ifconfig_em0_alias0="inet xxx.yyy.52.70 netmask 255.255.255.128 -tso" > ifconfig_em0_alias1="inet xxx.yyy.52.71 netmask 255.255.255.128 -tso" > ifconfig_em0_alias2="inet xxx.yyy.52.73 netmask 255.255.255.128 -tso" > > nune# netstat -rn > Routing tables > > Internet: > Destination Gateway Flags Refs Use Netif Expire > default xxx.yyy.52.1 UGS 168 182183463 em0 > 127.0.0.1 link#4 UH 0 0 lo0 > [... internal aliases to lo0 here...] > xxx.yyy.52.0/25 link#1 U 0 68581 em0 > xxx.yyy.52.70 link#1 UHS 0 14363 lo0 > xxx.yyy.52.71 link#1 UHS 0 64765 lo0 > xxx.yyy.52.73 link#1 UHS 0 0 lo0 > xxx.yyy.52.74 link#1 UHS 0 29170 lo0 > > Note the Netif Expire on 71,73,74 are showing lo0 could this be the problem? > > nune# ssh -b xxx.yyy.52.71 foo@bar > Password: > >> w -n > 3:15PM up 130 days, 22:30, 3 users, load averages: 0.00, 0.02, 0.00 > USER TTY FROM LOGIN@ IDLE WHAT > [...] > foo pts/24 xxx.yyy.52.74 3:14PM - w -n > > I don't know why mine is showing 74 and from your example it should be > showing 71. Did you see the article below? > > http://serverfault.com/questions/12285/when-ip-aliasing-how-does-the-os-determine-which-ip-address-will-be-used-as-sour > > This seems to be a pretty common issue or it's just a > miss-configuration problem? > > Thanks! > > Alejandro Imass > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" Aliases should have a netmask of 255.255.255.255. What you seeing is not typical behaviour on FreeBSD. http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-virtual-hosts.html Patrick