Re: ip aliasing, virtual interfaces and incorrect source addresses...

To: debian-firewall@lists.debian.org
Subject: Re: ip aliasing, virtual interfaces and incorrect source addresses...
From: Mike Mestnik <cheako911@yahoo.com>
Date: Tue, 23 Dec 2003 15:58:43 -0800 (PST)
Message-id: <[🔎] 20031223235843.61694.qmail@web11903.mail.yahoo.com>
In-reply-to: <[🔎] 200312241035.42798.lists@n12turbo.com>

Here is what I'm thinking, route would be setup like so...
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth0

Then when the alias is set up, dose that change the localnet route to point at eth0:0?
I can't reproduce any thing like that on my setup 2.6.0-test9-1-386.

--- Tarragon Allen <lists@n12turbo.com> wrote:
> > --- Tarragon Allen <lists@n12turbo.com> wrote:
> > > On Wednesday 24 December 2003 08:23, Matthew Whitworth wrote:
> > > > I have a host (eth0 = 10.0.30.251) to which I recently added a virtual
> > > > interface (eth0:0 = 10.0.30.249).  Now all  traffic that originates
> > > > from this host has the source address of eth0:0, which is causing some
> > > > problems with a firewall that I don't control.
> > >
> > > Annoying isn't it?
> > >
> > > Try setting the second IP address as an alias on the *loopback* adapter,
> > > ie: lo:0. Use a bitmask of 255.255.255.255 otherwise strange things may
> > > happen. This should force the system to only use the "real" address for
> > > outgoing requests, but it will still accept connections to the aliases
> > > address.
> 
> On Wednesday 24 December 2003 10:28, Mike Mestnik wrote:
> > Has this problem been reported to the linux kernel ppl?  Has it been fixed?
> > It might also help to mention what versions are affected.
> >
> > mike
> 
> Yes, it's known about. I think the general response would be that it's up to 
> the userspace program, not the kernel, to decide what IP to bind to. If the 
> userspace doesn't care, then the kernel will pick one, usually the same 
> subnet IP if the destination is directly accessible, or the closest IP to the 
> gateway.
> 
> It's not a problem per se.
> 
> t
> -- 
> GPG: http://n12turbo.com/tarragon/public.key
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> 


__________________________________
Do you Yahoo!?
New Yahoo! Photos - easier uploading and sharing.
http://photos.yahoo.com/

Reply to:

Follow-Ups:
- Re: ip aliasing, virtual interfaces and incorrect source addresses...
  - From: Tarragon Allen <tarragon@onthe.net.au>

References:
- Re: ip aliasing, virtual interfaces and incorrect source addresses...
  - From: Tarragon Allen <lists@n12turbo.com>

Prev by Date: Re: ip aliasing, virtual interfaces and incorrect source addresses...
Next by Date: Re: ip aliasing, virtual interfaces and incorrect source addresses...
Previous by thread: Re: ip aliasing, virtual interfaces and incorrect source addresses...
Next by thread: Re: ip aliasing, virtual interfaces and incorrect source addresses...
Index(es):
- Date
- Thread