blocking internally
Kevin Stevens
freebsd at pursued-with.net
Mon Jun 21 13:33:43 PDT 2004
Was there any followup on this, John? -- KeS
On Sat, 19 Jun 2004, Kevin Stevens wrote:
>
> On Jun 19, 2004, at 06:11, John Lee wrote:
>
> > hi, i have 7 ips on one box, however they can't connect internally
> > to each other IP ports. please advise.
>
> Counting below, you only reference 6 IP addresses on the box:
> 63.223.65.192, 63.223.65.193, 63.223.71.2, 63.223.71.3, 63.223.71.4,
> and 63.223.71.5. What's the seventh one?
>
> > here's my setup:
> >
> > rc.conf:
> > defaultrouter="63.223.65.1"
> > ifconfig_sis0="inet 63.223.65.192 netmask 255.255.255.0"
> >
> > /etc/ips.added:
> > ifconfig sis0 inet 63.223.65.193/32 alias
>
> Ok. BTW, these statements indicate that you own an entire class C of
> public address space. That seems unlikely, and if it's not the case,
> you shouldn't be using the addresses.
>
> > ifconfig sis0 inet 63.223.71.2/32 alias
> > ifconfig sis0 inet 63.223.71.3/32 alias
> > ifconfig sis0 inet 63.223.71.4/32 alias
> > ifconfig sis0 inet 63.223.71.5/32 alias
>
> Problem here. These addresses are not in the same subnet as the
> primary address (63.223.65.0/24). Therefore you shouldn't use a /32
> for them, you should use the actual netmask. This is definitely true
> for the FIRST 63.223.71.x address, and I *think* it's true for the
> others as well. I've never actually seen an example of assigning
> multiple IPs for a second subnet under FreeBSD.
>
> > route add 63.223.65.193 63.223.65.1
>
> This is broken. You're saying "route any traffic this host is sending,
> destined for itself, to an external gateway". I really doubt you want
> to do that.
>
> > route add 63.223.71.2 63.223.71.1
> > route add 63.223.71.3 63.223.71.1
> > route add 63.223.71.4 63.223.71.1
> > route add 63.223.71.5 63.223.71.1
>
> Again broken, for the same reasons. You don't normally enter routing
> statements for your OWN IP addresses, you enter routing statements that
> describe how to reach OTHER addresses/networks.
>
> KeS
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"
>
More information about the freebsd-questions
mailing list