Re: IP Aliasing: IPs Switched?

From: Lainee Scott
Date: Mon Nov 24 2008 - 20:36:12 EST


Pascal, thanks. I suspect that in your opinion changing to_filter won't solve my problem. Any idea what might? Is there any other info I can provide to get some more guidance?

Thanks.

Pascal Hambourg wrote:
> Hello,
> Lainee Scott a écrit :
>> --- On Thu, 11/20/08, Stephen Hemminger <shemminger@xxxxxxxxxx> wrote:
>>
>>> Linux uses weak host model, and BSD used strong host model.
> What has the host model to do with IP aliasing ? The aliases are on the same interface, so the host model should not matter.
>> # cd /proc/sys/net/ipv4/conf/
>> # find . -name rp_filter
>> ./all/rp_filter
>> ./default/rp_filter
>> ./lo/rp_filter
>> ./eth0/rp_filter
>> ./eth1/rp_filter
> [...]
>> rp_filter is set to 1 for all. 0 for the rest.
> This means that source validation is disabled for all interfaces, as the operational value for an interface is the logical AND between the value in all and the interface-specific value. However AFAIK rp_filter has nothing to do with IP aliases nor the host model, it just enables source validation based on reverse path.
>> I believe there are 3 settings for rp_filter - 0, 1, 2.
> No, rp_filter is a boolean. Aren't you confusing with arp_ignore ?
>> Also, I did not explicitly add routes for the aliased interfaces like this:
>>
>> /sbin/route add -host 172.16.3.10 dev eth0:0
>> /sbin/route add -host 172.16.3.100 dev eth0:1
>>
>> (cut and pasted from this FAQ http://www.faqs.org/docs/Linux-mini/IP-Alias.html)
>>
>> Might this be the issue? Do I need to add these?
> No, these routes are totally bogus and useless. You do not have to bother about this : the proper routes are automatically created when an address (main or alias) is added to the interface.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html




--
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html