From owner-freebsd-net@FreeBSD.ORG Mon May 28 08:22:24 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 467F216A46B for ; Mon, 28 May 2007 08:22:24 +0000 (UTC) (envelope-from julian@elischer.org) Received: from outH.internet-mail-service.net (outH.internet-mail-service.net [216.240.47.231]) by mx1.freebsd.org (Postfix) with ESMTP id 2FEAC13C480 for ; Mon, 28 May 2007 08:22:24 +0000 (UTC) (envelope-from julian@elischer.org) Received: from mx0.idiom.com (HELO idiom.com) (216.240.32.160) by out.internet-mail-service.net (qpsmtpd/0.32) with ESMTP; Mon, 28 May 2007 01:22:23 -0700 Received: from julian-mac.elischer.org (home.elischer.org [216.240.48.38]) by idiom.com (Postfix) with ESMTP id 3D45D125B2F; Mon, 28 May 2007 01:22:23 -0700 (PDT) Message-ID: <465A914A.3040408@elischer.org> Date: Mon, 28 May 2007 01:22:34 -0700 From: Julian Elischer User-Agent: Thunderbird 2.0.0.0 (Macintosh/20070326) MIME-Version: 1.0 To: freebsd-net@freebsd.org, Andrei Manescu References: <000e01c79f03$b2cfce70$5501a8c0@ivorde> <08556012-CA57-4B2A-A142-F5C1BC8D9009@mac.com> <20070527110741.GC78927@obelix.dsto.defence.gov.au> <20070528074321.GF35160@void.codelabs.ru> <20070528080132.GH84763@obelix.dsto.defence.gov.au> In-Reply-To: <20070528080132.GH84763@obelix.dsto.defence.gov.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: Re: two public ip addresses on one interface X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 May 2007 08:22:24 -0000 Wilkinson, Alex wrote: > 0n Mon, May 28, 2007 at 11:43:21AM +0400, Eygene Ryabinkin wrote: > > >Alex, good day. > > > >Sun, May 27, 2007 at 07:07:41PM +0800, Wilkinson, Alex wrote: > >> > If your aliases are part of the same subnet as the "primary" or first configured IP, then you want to > >> > use the all-1's netmask. In your case, however, the second IP is part of a completely different subnet, > >> > and you can (and should) use a /24 netmask.... > >> > >> I have always wondered why we need to use the "all-1's" netmask. Why is this ? > > > >Because if you're stuffing two addresses from the same subnet to > >one interface it will not work: there can be only one route to the > >specified network in the FreeBSD routing table. And adding IP to > >the interface creates the entry in the routing table. So you should > >specify the different mask and most probably 0xffffffff will be the > >best choice, but your mileage may vary with your routing needs. > > mmm ... it looks like you can actually get around this on OpenBSD 4.1 > with their new "multiple routing table" code. > > "Multiple routing tables. What does it mean for PF? > > Henning Brauer: > The kernel used to have one routing table per address > family--one for inet, one for inet6, one for IPsec, usually. Now it can have > multiple tables. From within PF, you can select which routing table should be > used for the route lookup later--you can implement policy routing with this. But > much more could be done--this is really only the groundwork. It could be > possible, in future, to have overlapping address ranges on interfaces and place > interfaces into different routing tables, forming a kind of virtual routers. And > of course, the routing daemons will learn to make more use of alternate > tables." the trouble I have with this is that by the time pf or ipfw get to the packet, the routing has already been done. > > [http://www.onlamp.com/pub/a/bsd/2007/05/03/openbsd-41-puffy-strikes-again.html?page=2] > > -aW > > IMPORTANT: This email remains the property of the Australian Defence Organisation and is subject to the jurisdiction of section 70 of the CRIMES ACT 1914. If you have received this email in error, you are requested to contact the sender and delete the email. > > > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"