[LARTC] ip_alias??

[LARTC] ip_alias??

[streeterk]

[-- Attachment #1: Type: text/plain, Size: 184 bytes --]

What happened to ip_alias.  I found some reference to it being replaced in 2.4 Kernels, but replaced with what?  Anyone know of some good documentation on this subject??

TIA, Kurt

[-- Attachment #2: Type: text/html, Size: 599 bytes --]

Re: [LARTC] ip_alias??

[Jasper Spaans]

On Tue, Jun 12, 2001 at 10:57:36PM -0700, streeterk wrote:

> What happened to ip_alias.  I found some reference to it being replaced in
> 2.4 Kernels, but replaced with what?  Anyone know of some good
> documentation on this subject??

It has disappeared, however, its functionality hasn't (at least, partially).

First of all, install the new iproute package, urls can be found in the
howto.

You can now assign multiple addresses to one interface using something like

$ ip addr add 192.168.12.34/24 dev eth0

One thing to notice is that you will not have eth0:0 interfaces anymore.

The second step is verifying your interface has picked up the change:
you can see the addresses of your interfaces using

$ ip addr

Which now shows on my machine

2: eth0: <BROADCAST,MULTICAST,UP> mtu 1350 qdisc pfifo_fast qlen 100
    inet 10.0.0.7/24 brd 10.255.255.255 scope global eth0
    inet 192.168.12.34/24 scope global eth0

The last thing you might want to know is how to get rid of this extra
address:

$ ip addr del 192.168.12.34/24 dev eth0

does the trick.

For more information, please read the iproute documentation.

(Well, some pitfalls do exist, you cannot firewall on these interfaces
anymore, however, you'll have to rewrite your rules anyway because of the
transition to iptables, so that shouldn't be a problem)

Regards,
-- 
  Q_.           Jasper Spaans <j@sp3r.net>
 `~\            http://jsp.ds9a.nl/
Mr /\           Tel/Fax: +31-20-8749842
Zap             Move '.sig' for great justice!

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

Re: [LARTC] ip_alias??

[Juri Haberland]

Jasper Spaans wrote:
> 
> On Tue, Jun 12, 2001 at 10:57:36PM -0700, streeterk wrote:
> 
> > What happened to ip_alias.  I found some reference to it being replaced in
> > 2.4 Kernels, but replaced with what?  Anyone know of some good
> > documentation on this subject??
> 
> It has disappeared, however, its functionality hasn't (at least, partially).

[--snip--]

> (Well, some pitfalls do exist, you cannot firewall on these interfaces
> anymore, however, you'll have to rewrite your rules anyway because of the
> transition to iptables, so that shouldn't be a problem)

Guys, excuse my ignorance, but can you point me to the original source
of that information? It's the very first time I heard of this and
actually I am still able to use something like 'ifconfig eth0:0 x.x.x.x
up'. And AFAIK it was never possible to use alias interfaces in
firewalling.

Maybe I missed some important information for years? (not impossible IMO
;-)

Juri

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

RE: [LARTC] ip_alias??

[Daniel Bergqvist]

What do you mean with "cannot firewall on those interfaces"?

Regards,
Daniel

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Jasper Spaans
Sent: Wednesday, June 13, 2001 9:30 AM
To: streeterk
Cc: LARTC@mailman.ds9a.nl
Subject: Re: [LARTC] ip_alias??

(Well, some pitfalls do exist, you cannot firewall on these interfaces
anymore, however, you'll have to rewrite your rules anyway because of the
transition to iptables, so that shouldn't be a problem)

Regards,
--
  Q_.           Jasper Spaans <j@sp3r.net>
 `~\            http://jsp.ds9a.nl/
Mr /\           Tel/Fax: +31-20-8749842
Zap             Move '.sig' for great justice!

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://ds9a.nl/2.4Routing/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

RE: [LARTC] ip_alias??

[Daniel Bergqvist]

http://defiant.coinet.com/iproute2/ip-cref/node18.html

Regards,
Daniel

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Juri Haberland
Sent: Wednesday, June 13, 2001 10:21 AM
To: Jasper Spaans
Cc: streeterk; LARTC@mailman.ds9a.nl
Subject: Re: [LARTC] ip_alias??
Guys, excuse my ignorance, but can you point me to the original source
of that information? It's the very first time I heard of this and
actually I am still able to use something like 'ifconfig eth0:0 x.x.x.x
up'. And AFAIK it was never possible to use alias interfaces in
firewalling.

Maybe I missed some important information for years? (not impossible IMO
;-)

Juri

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://ds9a.nl/2.4Routing/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

Re: [LARTC] ip_alias??

[Juri Haberland]

Daniel Bergqvist wrote:
> 
> http://defiant.coinet.com/iproute2/ip-cref/node18.html

Thanks, Daniel, but I meant the information about that ip_alias is
deprecated in kernel 2.4 :-)

Juri


> -----Original Message-----
> From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
> Behalf Of Juri Haberland
> Sent: Wednesday, June 13, 2001 10:21 AM
> To: Jasper Spaans
> Cc: streeterk; LARTC@mailman.ds9a.nl
> Subject: Re: [LARTC] ip_alias??
> Guys, excuse my ignorance, but can you point me to the original source
> of that information? It's the very first time I heard of this and
> actually I am still able to use something like 'ifconfig eth0:0 x.x.x.x
> up'. And AFAIK it was never possible to use alias interfaces in
> firewalling.
> 
> Maybe I missed some important information for years? (not impossible IMO
> ;-)

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

RE: [LARTC] ip_alias??

[David Talbot]

Just a quick comment on the ip aliasing firewall, you can do it. A few years
back when I was more good looking than rich I only had one NIC card but
wanted to set up NAT behind someone else's network(Technically becoming
double NAT to get out to the real internet) and I had the same NIC handling
both sides of the connection. Of course don't try this at home unless you
can't afford the $20 a NIC goes for. The moral of the story: You can do it,
but you should avoid it. (2.2 Kernel, I can't testify as to 2.4, but if you
really need to do it there are a number of fine 2.2 kernels available :) )


NIC IP aliasing:
ip address add 192.168.0.1 dev eth0

Making a device alias for the nic(You were right):
ifconfig eth0:0 192.168.0.1 up

-David Talbot

-----Original Message-----
From: lartc-admin@mailman.ds9a.nl [mailto:lartc-admin@mailman.ds9a.nl]On
Behalf Of Juri Haberland
Sent: Wednesday, June 13, 2001 3:21 AM
To: Jasper Spaans
Cc: streeterk; LARTC@mailman.ds9a.nl
Subject: Re: [LARTC] ip_alias??


Jasper Spaans wrote:
>
> On Tue, Jun 12, 2001 at 10:57:36PM -0700, streeterk wrote:
>
> > What happened to ip_alias.  I found some reference to it being replaced
in
> > 2.4 Kernels, but replaced with what?  Anyone know of some good
> > documentation on this subject??
>
> It has disappeared, however, its functionality hasn't (at least,
partially).

[--snip--]

> (Well, some pitfalls do exist, you cannot firewall on these interfaces
> anymore, however, you'll have to rewrite your rules anyway because of the
> transition to iptables, so that shouldn't be a problem)

Guys, excuse my ignorance, but can you point me to the original source
of that information? It's the very first time I heard of this and
actually I am still able to use something like 'ifconfig eth0:0 x.x.x.x
up'. And AFAIK it was never possible to use alias interfaces in
firewalling.

Maybe I missed some important information for years? (not impossible IMO
;-)

Juri

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://ds9a.nl/2.4Routing/


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

Re: [LARTC] ip_alias??

[Juri Haberland]

streeterk wrote:
> 
> http://www.ibiblio.org/pub/micro/pc-stuff/Linux/docs/HOWTO/mini/IP-Alias
> 
> ----- Original Message -----
> From: "Juri Haberland" <haberland@altus.de>
> To: "Daniel Bergqvist" <daniel@netatonce.se>
> Cc: <LARTC@mailman.ds9a.nl>
> Sent: Wednesday, June 13, 2001 1:56 AM
> Subject: Re: [LARTC] ip_alias??
> 
> > Daniel Bergqvist wrote:
> > >
> > > http://defiant.coinet.com/iproute2/ip-cref/node18.html
> >
> > Thanks, Daniel, but I meant the information about that ip_alias is
> > deprecated in kernel 2.4 :-)

Thanks, but that leads to another question:

What are the benefits of using ip to assign another IP address to an
existing interface instead of using ifconfig?

Juri

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/

Re: [LARTC] ip_alias??

[Arthur van Leeuwen]

> What are the benefits of using ip to assign another IP address to an
> existing interface instead of using ifconfig?

Using the ip tool more closely resembles what is actually going on at the
kernel level. ifconfig has been hacked to allow the old syntax to work, but
it adds ip addresses to an interface, supplying the address with an address
identifier. However, it still is just another address on the interface.
ifconfig will get confused if you add more addresses to a single interface
without adding the 'pseudo-interface' address identifiers.

Doei, Arthur. (If this was too cryptic: I'm tired and drinking beer... :))

-- 
  /\    / |      arthurvl@sci.kun.nl      | Work like you don't need the money
 /__\  /  | A friend is someone with whom | Love like you have never been hurt
/    \/__ | you can dare to be yourself   | Dance like there's nobody watching


_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/