Date:      Tue, 25 Feb 1997 16:08:57 -0800 (PST)
From:      Michael Dillon <michael@memra.com>
To:        freebsd-isp@freebsd.org
Subject:   interface defaults again (Re: BGP announcements and small providers)
Message-ID:  <Pine.BSI.3.93.970225160823.1804V-100000@sidhe.memra.com>

---------- Forwarded message ----------
Date: Tue, 25 Feb 1997 13:23:58 -0800
From: Paul A Vixie <paul@vix.com>
To: nanog@merit.edu
Subject: interface defaults again (Re: BGP announcements and small providers )

> Knowing that NSPs are filtering /24s, how does an Internet Content
> Provider (ICP) with just a /24 (all that is needed) that is wishing
> to be dual-homed see all of the net?

Why even use a /24?  Here is a "netstat -nr" from an interface default
client, which has an RFC1597 private network for its content server and a
BSD/OS 2.1 squid accelerator front-ending it.

	Destination      Gateway            Flags     Refs     Use  Interface
	default:de1      137.39.63.225      UGS         1        0  de1
	default:de2      204.74.120.1       UGS         1        0  de2
	default          137.39.63.225      UGS      1523 15365222  de1
	127              127.0.0.1          UGRS        0        0  lo0
	127.0.0.1        127.0.0.1          UH         11     6482  lo0
	137.39.63.224/27 link#2             UC          0        0  de1
	137.39.63.225    0:0:c:35:29:a0     UHL         1      307  de1
	137.39.63.227    0:0:f8:1:a5:8e     UHL         0       16  de1
	137.39.63.228    0:a0:24:94:5b:e9   UHL         0        3  de1
	137.39.63.255    link#2             UHL         0        1  de1
	192.168.1        link#1             UC          0        0  de0
	192.168.1.1      0:0:f8:2:b3:66     UHL         1       20  lo0
	192.168.1.2      8:0:69:2:65:e7     UHL         2   793220  de0
	192.168.1.255    link#1             UHL         1      206  de0
	204.74.120/27    link#3             UC          0        0  de2
	204.74.120.31    link#3             UHL         0        1  de2
	224/8            link#1             UC          0        0  de0

The diffs are all PD and should apply OK against other BSDish systems.  I
gave a more detailed talk about this at SF NANOG.  The diffs are also quite
short.

	% ftp ftp.vix.com
	ftp> cd pub/vixie/ifdefault
	ftp> ls
	-rw-rw-r--  1 716  ten  1731 Jan 31 06:15 ifconfig-diffs
	-rw-rw-r--  1 716  ten  5386 Jan 31 05:59 kernel-diffs
	-rw-rw-r--  1 716  ten  3696 Jan 31 06:23 netstat-diffs

You also need to set up a "socket" forwarder for things you want to be
handled by the private-net device:

  telnet  stream  tcp  nowait nobody /usr/libexec/tcpd socket 192.168.1.2 23
  other-ssl stream tcp nowait nobody /usr/libexec/socket socket 192.168.1.2 145

There's a small amount of sendmail.cf work needed to masquerade as the private
host and relay mail between the different address spaces.
