From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ard van Breemen Date: Wed, 13 Feb 2002 16:07:35 +0000 Subject: Re: [LARTC] Proxy Arp with same left/right IP address. Message-Id: List-Id: References: In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org On Wed, Feb 13, 2002 at 11:00:35AM -0500, Adrian Chung wrote: > On Wed, Feb 13, 2002 at 04:52:09PM +0100, Ard van Breemen wrote: > > The theory behind it: the IP protocol driver needs to be bound to the > > device. This is done by giving any (bogus) ip address to an interface. > > Only after the IP protocol driver is bound to the interface you can use > > it for IP. > > /proc/sys/net/ipv4/conf will only show interfaces bound to the IP > > protocol... :) > > > > Of course: you cannot reach the firewall, and the firewall can't reach > > you. You need a non-bogus ip address for that... (Hmmmm: ssh 127.0.0.1 > > .. Hah! I hacked the firewall.... shutdown -h now ... Uh? ;) ) > Is this for real? So you bind 127.0.0.1 to both eth0 and eth1, not > using an ISP assigned IP at all on the bridging box, and you'd still > be able to route from the ISP's network through to machines on the ISP > assigned network? Be careful however, you don't want to send icmp_host_unreachables with source ip 127.0.0.1, I don't think they get far. Anyway, 127.0.0.1 is as far as I know a special adres, also for the kernel. I haven't experimented with that... If you want to have any sane outgoing source ip addresses, you also have to set the default source ip for the outgoing routes. -- Telegraaf Elektronische Media http://wwwijzer.nl http://leerquoten.monster.org/ http://www.faqs.org/rfcs/rfc1855.html Let your government know you value your freedom. Sign the petition: http://petition.eurolinux.org/ _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/