Message-ID: <43DF6C94.7090404@mac.com>
Date: Tue, 31 Jan 2006 08:56:36 -0500
From: Chuck Swiger
Organization: The Courts of Chaos
To: tomasflyer@netscape.net
Cc: freebsd-questions@freebsd.org
References: <8C7F4678970ACD2-1EFC-9D50@mblkn-m01.sysops.aol.com>
In-Reply-To: <8C7F4678970ACD2-1EFC-9D50@mblkn-m01.sysops.aol.com>
Subject: Re: How many IP address aliases can practically be used on one physical Ethernet interface?

tomasflyer@netscape.net wrote:
> I am implementing and using a test bed simulating a huge amount of IP
> clients, each preferably having a unique IP address. There is no, no way
> to have an individual physical interface for each simulated client so I
> use IP aliases.

Use BPF or libnet to generate test traffic using spoofed IPs, rather than
actually configuring a machine with thousands of IPs. There are also companies
which make hardware IP traffic generators, if you want to buy a solution rather
than building one.

For most purposes, generating 1000 connection requests from one host using 1 IP
is pretty close to generating 1000 connection requests from one host using 1000
IPs.

> So I became quite optimistic reading about Virtual Hosts and IP aliases
> in the FreeBSD handbook chapter 11.9:
>
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/configtuning-virtual-hosts.html
>
> "A given network interface has one "real" address, and may have any
> number of "alias" addresses".
>
> So is this really true and where is the catch? Will a FreeBSD 6.0 accept
> for example 8190 IP address aliases each on say five physical Ethernet
> interfaces? Will IP addresses be manageable to add, list and delete? And
> how much will networking performance degrade compared to using just a
> few aliases?

I have heard of people using hundreds of aliases OK, even though I am dubious
about the merits of doing so. I don't know whether FreeBSD can deal with ~41000
configured IP addresses on a system at all, but I doubt that a normal person
would consider such a setup "manageable".

Consider using IPFW divert sockets instead. You should also look into dummynet.

> I can add that there is no forwarding or routing through a simulator box
> except IP traffic to and from the client simulation running inside.

What about ARP traffic?

In most cases, machines with hundreds or thousands of clients are dealing with
them remotely, not locally, so all of the traffic just goes between the host and
its upstream Internet-facing router, involving minimal layer-2 resolution. Your
setup with tens of thousands of local IPs is going to involve massive ARP
traffic which does not happen with most internet server scenarios.

You're likely to encounter other issues: most network switches have a limited
capacity for their ARP tables, and are restricted to 1024 or perhaps 4096
entries.

--
-Chuck