Date: Mon, 28 May 2007 16:01:32 +0800 From: "Wilkinson, Alex" <alex.wilkinson@dsto.defence.gov.au> To: freebsd-net@freebsd.org, Andrei Manescu <andrei.manescu@clicknet.ro> Subject: Re: two public ip addresses on one interface Message-ID: <20070528080132.GH84763@obelix.dsto.defence.gov.au> In-Reply-To: <20070528074321.GF35160@void.codelabs.ru> References: <000e01c79f03$b2cfce70$5501a8c0@ivorde> <08556012-CA57-4B2A-A142-F5C1BC8D9009@mac.com> <20070527110741.GC78927@obelix.dsto.defence.gov.au> <20070528074321.GF35160@void.codelabs.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
0n Mon, May 28, 2007 at 11:43:21AM +0400, Eygene Ryabinkin wrote:
>Alex, good day.
>
>Sun, May 27, 2007 at 07:07:41PM +0800, Wilkinson, Alex wrote:
>> > If your aliases are part of the same subnet as the "primary" or first configured IP, then you want to
>> > use the all-1's netmask. In your case, however, the second IP is part of a completely different subnet,
>> > and you can (and should) use a /24 netmask....
>>
>> I have always wondered why we need to use the "all-1's" netmask. Why is this ?
>
>Because if you're stuffing two addresses from the same subnet to
>one interface it will not work: there can be only one route to the
>specified network in the FreeBSD routing table. And adding IP to
>the interface creates the entry in the routing table. So you should
>specify the different mask and most probably 0xffffffff will be the
>best choice, but your mileage may vary with your routing needs.
mmm ... it looks like you can actually get around this on OpenBSD 4.1
with their new "multiple routing table" code.
"Multiple routing tables. What does it mean for PF?
Henning Brauer:
The kernel used to have one routing table per address
family--one for inet, one for inet6, one for IPsec, usually. Now it can have
multiple tables. From within PF, you can select which routing table should be
used for the route lookup later--you can implement policy routing with this. But
much more could be done--this is really only the groundwork. It could be
possible, in future, to have overlapping address ranges on interfaces and place
interfaces into different routing tables, forming a kind of virtual routers. And
of course, the routing daemons will learn to make more use of alternate
tables."
[http://www.onlamp.com/pub/a/bsd/2007/05/03/openbsd-41-puffy-strikes-again.html?page=2]
-aW
IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070528080132.GH84763>