Date:      Thu, 27 Sep 2001 10:17:45 -0400
From:      Kutulu <kutulu@kutulu.org>
To:        Mike Porter <mupi@mknet.org>
Cc:        swear@blarg.net (Gary W. Swearingen), Jamie Norwood <mistwolf@mushhaven.net>, freebsd-stable@FreeBSD.ORG
Subject:   Re: 127/8 continued
Message-ID:  <5.1.0.14.0.20010927100649.009ff800@127.0.0.1>
In-Reply-To: <200109271411.f8REBNH02164@c1828785-a.saltlk1.ut.home.com>
References:  <i5vgi5tx0h.gi5@localhost.localdomain> <20010924094048.X5906-100000@coredump.scriptkiddie.org> <20010926134253.A65444@mushhaven.net> <i5vgi5tx0h.gi5@localhost.localdomain>

At 08:11 AM 09/27/2001 -0600, Mike Porter wrote:


>  (Yes, you can alias more than one IP to an
>interface, however, IIUC, this affects the listening for packets, not the
>sending of packets, packets sent out an interface receive the primary
>interface address (somebody correct me if I'm wrong?).

It's possible to specify any of the local IP addresses when you call bind() 
on a newly created socket.  However, it's mostly program-specific whether 
this actually happens or how to specify which.  Typically you find IRC 
programs like BitchX doing this to allow people to use vanity hostnames, 
but I'm sure there are more legitimate reasons for it as well.

>However, with a /29,
>you could use a 1-to-1 NAT, which should eliminate any of the problems
>typically associated with NAT.

Unless your NAT application also contains very good content manipulation 
rules, protocols in the vein of FTP which pass IP numbers as part of the 
packet's payload will still have problems.

Apart from that, however, I can vouch for the fact that this setup 
works.  I have used it in the past, when my former employer made the 
mistake of choosing $LOCAL_TELCO for our network provider, and they would 
only give us a /28 to share among 12 machines.  We were unable to set up a 
true DMZ with just one web server in it and still have room for the 
remaining 10 machines on the other subnet, so we ended up using NAT and 
adding a few strategic static routes on the gateway/firewall, webserver, 
and for good measure, the router.

--K
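
The FTP point above, as an added example that is not part of the original message: a minimal sketch of the payload rewrite a 1-to-1 NAT needs for an FTP PORT command, which carries the client's address as h1,h2,h3,h4,p1,p2. The function name rewrite_ftp_port is hypothetical, and the addresses (10.0.0.5 inside, 203.0.113.5 outside) are constructed sample values.

```c
#include <stdio.h>
#include <string.h>

/* Parse a dotted-quad string into four octets; returns 0 on success. */
static int parse_ipv4(const char *s, unsigned o[4])
{
    char tail;
    if (sscanf(s, "%3u.%3u.%3u.%3u%c", &o[0], &o[1], &o[2], &o[3], &tail) != 4)
        return -1;
    for (int i = 0; i < 4; i++)
        if (o[i] > 255) return -1;
    return 0;
}

/*
 * Rewrite the address embedded in "PORT h1,h2,h3,h4,p1,p2\r\n" for a 1-to-1
 * NAT mapping inside -> outside (hypothetical helper, uppercase PORT only).
 * Returns 1 if rewritten, 0 if copied unchanged (address is not the mapped
 * host), -1 on malformed input or if the output buffer is too small.
 */
int rewrite_ftp_port(const char *line, const char *inside, const char *outside,
                     char *out, size_t outlen)
{
    unsigned h[4], p[2], in[4], ex[4];
    int n, used = 0;

    if (parse_ipv4(inside, in) || parse_ipv4(outside, ex))
        return -1;
    if (sscanf(line, "PORT %3u,%3u,%3u,%3u,%3u,%3u%n",
               &h[0], &h[1], &h[2], &h[3], &p[0], &p[1], &used) != 6)
        return -1;
    if (strcmp(line + used, "\r\n") != 0)
        return -1;
    for (int i = 0; i < 4; i++) if (h[i] > 255) return -1;
    if (p[0] > 255 || p[1] > 255) return -1;
    if (memcmp(h, in, sizeof h) != 0) {          /* not our mapped host */
        n = snprintf(out, outlen, "%s", line);
        return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
    }
    /* The payload length can change here, so a real NAT must also adjust
     * TCP sequence/acknowledgement numbers for the rest of the connection. */
    n = snprintf(out, outlen, "PORT %u,%u,%u,%u,%u,%u\r\n",
                 ex[0], ex[1], ex[2], ex[3], p[0], p[1]);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 1;
}

int main(void)
{
    char out[64];
    int r = rewrite_ftp_port("PORT 10,0,0,5,19,137\r\n", "10.0.0.5",
                             "203.0.113.5", out, sizeof out);
    printf("%d %s", r, r >= 0 ? out : "(error)\n");
    return 0;
}
```

Without this rewrite the server would try to open the data connection to 10.0.0.5, which is not reachable from outside the NAT.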