What's new on the 127.0.0/24 block in 7?

Chris H. chris# at 1command.com
Tue Mar 4 10:23:30 UTC 2008 

Quoting Jeremy Chadwick <koitsu at freebsd.org>:

> On Tue, Mar 04, 2008 at 12:03:20AM -0800, Chris H. wrote:
>> I have absolutely no idea why FBSD v7 (on 2 machines) will only
>> dole out 127.0.0.1, while all my other servers running RELENG_6 all
>> dole out a /minimum/ of 127.0.0.1/8 by default. But, having just now
>> modified the default rc for ifconfig_lo0 to a 255.255.255.0 netmask
>> now makes a different response when querying rbldnsd.
>
> Okay, let's back up here.
>
> The reason your FreeBSD machines don't respond on addresses other than
> 127.0.0.1 is because your lo0 interface does not have 127.0.0.2 and
> 127.0.0.3 addresses bound to them.  These are called IP aliases.  To add
> them, do the following:
>
>  # ifconfig lo0 inet 127.0.0.2 netmask 255.255.255.255 alias
>  # ifconfig lo0 inet 127.0.0.3 netmask 255.255.255.255 alias
>
> The netmask specified on an alias line is important!  Use what I showed;
> do not argue.  And yes, Linux does it differently.
>
> To make this work on bootup, add the following to rc.conf:
>
>  ifconfig_lo0_alias0="inet 127.0.0.2 netmask 255.255.255.255"
>  ifconfig_lo0_alias1="inet 127.0.0.3 netmask 255.255.255.255"
>
> You do not need an "ifconfig_lo0" line in /etc/rc.conf; there is already
> one in /etc/defaults/rc.conf which will be used correctly.
>
> Secondly, on both RELENG_6 and RELENG_7, when the 127.0.0.1 address is
> assigned to lo0, the netmask used is 255.0.0.0.  Evidence:
>
> $ uname -r
> 6.3-PRERELEASE
> $ grep lo0 /etc/rc.conf
> $ grep lo0 /etc/defaults/rc.conf
> ifconfig_lo0="inet 127.0.0.1"   # default loopback device configuration.
> #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample 
> alias entry.
> $ ifconfig lo0
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
>        inet 127.0.0.1 netmask 0xff000000
>
> $ uname -r
> 7.0-STABLE
> $ grep lo0 /etc/rc.conf
> $ grep lo0 /etc/defaults/rc.conf
> ifconfig_lo0="inet 127.0.0.1"   # default loopback device configuration.
> #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample 
> alias entry.
> $ ifconfig lo0
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        inet 127.0.0.1 netmask 0xff000000
>
> Thirdly, it's pretty apparent you don't understand what a netmask does.
> Machines don't "dole out 127.0.0.1/8" -- this phrase makes no sense.
>
> A netmask is what defines a region of IP address space in which a
> machine within said region will honour packets within.  More
> specifically: it tells the machine "for any IP address you have bound to
> this interface, respond to packets destined to the broadcast address of
> that network region".
>
> For example, if you had a network region of 192.168.1.0/24 (in English,
> the region would be 192.168.1.0 to 192.168.1.255), your broadcast
> address would be 192.168.1.255.  Your network address is 192.168.1.0,
> but that's for another discussion.
>
> If you put a machine on that network as 192.168.1.200, and give it a
> netmask of 255.255.255.0, it will respond to any packets destined to
> 192.168.1.100 (obviously), but will also respond to packets destined to
> the broadcast address (192.168.1.255).
>
> If you then put another box on the network as 192.168.1.7, and give it a
> netmask of 255.255.255.128 (/25), it should not be able to see
> 192.168.1.200.  Broadcast packets from 192.168.1.7 would be going to
> 192.168.1.128 (its "view" of the network would be 192.168.1.0 to
> 192.168.1.128).
>
> This is a completely different beast than IP aliasing, but hopefully my
> explanation helps regardless.

OK, OK. <deep breath>. Sorry for all the noise. I've been
struggling with all this for w-a-y too long, and am w-a-y
too keyed up over it. I'm /not/ being concise, I'm making
no sense at all. Sorry.
To the point;
Indeed, I fully understand all of this - no, /really/. :)
I've been managing IP blocks for as long as I can remember
(or care to), and yes, everything you thoughtfully explained
is absolutely correct. I know.
What I am having absolutely no understanding of; is why do
2 FBSD servers sharing the same setups, and the same stock
lo0 setups react /completely/ differently than each other,
when the only difference is the version of FBSD, and the
version of the BIND?
RELENG_6 server has nothing more than the 7-RC3 regarding
lo0 (/etc/defaults/rc.conf: ifconfig_lo0="inet 127.0.0.1").
when I start rbldnsd on the RELENG_6's primary IP port:530
with a zone file using 127.0.0.2 && a zone file using
127.0.0.3. Everything works like a charm.
Yet same setup, same config, different FBSD version;
nothing works as it did before.

What "magic" occurred on the RELENG_6 boxen? I have spent
5 days attempting to ascertain this - to no avail. In my
desperation, I came here, thinking there /must/ be
something different that I am unable to see, or is perhaps,
undocumented. I know; it defies all NET logic. But it /did/
and /will/ work /every/ time on the RELENG_6 boxen. Yet,
there is no difference in the configs.

Really, I'm not a NET idiot. I am (for the most part)
happily managing some 200 domains, and with the exception
of this little episode, having no trouble with their
management at all.

Thank you very much for all the time you spent on this.
I greatly appreciate it. I hope you are better able to
understand all my confusion now. :)

--Chris H


>
> --
> | Jeremy Chadwick                                    jdc at parodius.com |
> | Parodius Networking                           http://www.parodius.com/ |
> | UNIX Systems Administrator                      Mountain View, CA, USA |
> | Making life hard for others since 1977.                  PGP: 4BD6C0CB |
>
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>



-- 
panic: kernel trap (ignored)

More information about the freebsd-stable mailing list