* Multiple interfaces with the same IP address
@ 2009-10-07 19:36 Greg Wilson-Lindberg
2009-10-07 20:02 ` Rick Jones
0 siblings, 1 reply; 8+ messages in thread
From: Greg Wilson-Lindberg @ 2009-10-07 19:36 UTC (permalink / raw)
To: netfilter
At this point I'm just asking for a direction to go to get the information that I need. While I've
been writing low level networking software for many years, I've never had to get into routing.
Here's my problem, we have an environment where we have a machine with one ethernet connection to
the wider network and a number of HDLC cards that connect to other embedded systems that we NAT out
to the ethernet WAN.
------------------------------
| (172.16.4.9/12) hdlc2|---------\
| | |
WAN 10.0.0.0/8 ----| eth0 (10.1.32.x/8) | |
| | |
| (172.16.4.9/12) hdlc1|------\ |
| | | |
| (172.16.4.9/12) hdlc0|---\ | |
------------------------------ | | |
| | |
| | |
machine1a-------------------| | |
(172.24.127.249) | | |
(172.16.129.9) | | |
| | |
machine2a-------------------| | |
(172.24.0.37) | | |
(172.16.129.17) | | |
| | |
machine3a-------------------| | |
(172.24.0.41) | | |
(172.16.129.25) ... | |
| |
machine1b----------------------| |
(172.24.127.250) | |
(172.16.129.9) | |
| |
machine2b----------------------| |
(172.24.0.38) | |
(172.16.129.18) | |
| |
machine3b----------------------| |
(172.24.0.42) | |
(172.16.129.26) ... |
|
machine1c-------------------------|
(172.24.127.251) |
(172.16.129.11) |
|
machine2c-------------------------|
(172.24.0.39) |
(172.16.129.19) |
|
machine3c-------------------------|
(172.24.0.43) |
(172.16.129.27) |
...
As can be seen from the above diagram, the addresses on the HDLC channels are not on separate
subnets. We also have some broadcast addresses that the machines on the HDLC nets will need to
receive. We do know all of the addresses for all of the machines on the HDLC nets, but we could end
up with as many as 30-50 on each net. Most of the packets coming from the ethernet WAN will go to
just one of the HDLC nets, but the broadcast packets will need to go to all of them. Also, the HDLC
nets do not need to be able to communicate between themselves.
Can anybody at least point me in the proper direction on how I need to attack this problem?
Thanks in advance,
Greg Wilson-Lindberg
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 19:36 Multiple interfaces with the same IP address Greg Wilson-Lindberg
@ 2009-10-07 20:02 ` Rick Jones
2009-10-07 20:52 ` Greg Wilson-Lindberg
0 siblings, 1 reply; 8+ messages in thread
From: Rick Jones @ 2009-10-07 20:02 UTC (permalink / raw)
To: Greg Wilson-Lindberg; +Cc: netfilter
Greg Wilson-Lindberg wrote:
> At this point I'm just asking for a direction to go to get the
> information that I need. While I've been writing low level networking
> software for many years, I've never had to get into routing.
>
> Here's my problem, we have an environment where we have a machine with
> one ethernet connection to the wider network and a number of HDLC cards
> that connect to other embedded systems that we NAT out to the ethernet WAN.
>
> ------------------------------
> | (172.16.4.9/12) hdlc2|---------\
> | | |
> WAN 10.0.0.0/8 ----| eth0 (10.1.32.x/8) | |
> | | |
> | (172.16.4.9/12) hdlc1|------\ |
> | | | |
> | (172.16.4.9/12) hdlc0|---\ | |
> ------------------------------ | | |
> | | |
> | | |
> machine1a-------------------| | |
> (172.24.127.249) | | |
> (172.16.129.9) | | |
> | | |
> machine2a-------------------| | |
> (172.24.0.37) | | |
> (172.16.129.17) | | |
> | | |
> machine3a-------------------| | |
> (172.24.0.41) | | |
> (172.16.129.25) ... | |
> | |
> machine1b----------------------| |
> (172.24.127.250) | |
> (172.16.129.9) | |
> | |
> machine2b----------------------| |
> (172.24.0.38) | |
> (172.16.129.18) | |
> | |
> machine3b----------------------| |
> (172.24.0.42) | |
> (172.16.129.26) ... |
> |
> machine1c-------------------------|
> (172.24.127.251) |
> (172.16.129.11) |
> |
> machine2c-------------------------|
> (172.24.0.39) |
> (172.16.129.19) |
> |
> machine3c-------------------------|
> (172.24.0.43) |
> (172.16.129.27) |
> ...
>
> As can be seen from the above diagram, the addresses on the HDLC
> channels are not on separate subnets. We also have some broadcast
> addresses that the machines on the HDLC nets will need to receive. We
> do know all of the addresses for all of the machines on the HDLC nets,
> but we could end up with as many as 30-50 on each net. Most of the
> packets coming from the ethernet WAN will go to just one of the HDLC
> nets, but the broadcast packets will need to go to all of them. Also,
> the HDLC nets do not need to be able to communicate between themselves.
>
> Can anybody at least point me in the proper direction on how I need to
> attack this problem?
Is there a specific reason you cannot further subnet the 10.0.0.0/8 network for
your HDLC channels and eschew the NAT? Then at least ignoring the issue of
"routing" broadcast datagrams (these are IP broadcasts and not simply ethernet
broadcasts right?) reaching-out and touching the HDLC devices from the WAN would
seem to be more straightforward.
rick jones
visions of many static routing table entries floating through his head
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 20:02 ` Rick Jones
@ 2009-10-07 20:52 ` Greg Wilson-Lindberg
2009-10-07 21:15 ` Rick Jones
0 siblings, 1 reply; 8+ messages in thread
From: Greg Wilson-Lindberg @ 2009-10-07 20:52 UTC (permalink / raw)
To: Rick Jones; +Cc: Greg Wilson-Lindberg, netfilter@vger.kernel.org
Rick Jones wrote:
...
>
> Is there a specific reason you cannot further subnet the 10.0.0.0/8 network for
> your HDLC channels and eschew the NAT? Then at least ignoring the issue of
> "routing" broadcast datagrams (these are IP broadcasts and not simply ethernet
> broadcasts right?) reaching-out and touching the HDLC devices from the WAN would
> seem to be more straightforward.
>
> rick jones
> visions of many static routing table entries floating through his head
The 10.0.0.0/8 network is an existing network that has 100's of computers on it. We are planning on
using some 10.x.0.0/16 addresses to NETMAP to the 172.16.0.0/16 addresses in some limited
situations, but this doesn't solve the problem of routing to the correct HDLC channel to get to the
final destination.
Greg
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 20:52 ` Greg Wilson-Lindberg
@ 2009-10-07 21:15 ` Rick Jones
2009-10-07 21:21 ` Oskar Berggren
0 siblings, 1 reply; 8+ messages in thread
From: Rick Jones @ 2009-10-07 21:15 UTC (permalink / raw)
To: Greg Wilson-Lindberg; +Cc: Greg Wilson-Lindberg, netfilter@vger.kernel.org
Greg Wilson-Lindberg wrote:
>
> Rick Jones wrote:
> ...
>
>>
>> Is there a specific reason you cannot further subnet the 10.0.0.0/8
>> network for your HDLC channels and eschew the NAT? Then at least
>> ignoring the issue of "routing" broadcast datagrams (these are IP
>> broadcasts and not simply ethernet broadcasts right?) reaching-out and
>> touching the HDLC devices from the WAN would seem to be more
>> straightforward.
>>
>> rick jones
>> visions of many static routing table entries floating through his head
>
>
> The 10.0.0.0/8 network is an existing network that has 100's of
> computers on it.
Not knowing (perhaps I just missed it) "the rest of the story" (a la Paul
Harvey), simply 100's of computers doesn't sound like all that much for a
renumbering - should it come to that.
Are the IPs of the "HDLC machines" similarly constrained?
> We are planning on using some 10.x.0.0/16 addresses
> to NETMAP to the 172.16.0.0/16 addresses in some limited situations, but
> this doesn't solve the problem of routing to the correct HDLC channel to
> get to the final destination.
I have not fully parsed the manpage for the ip command, but it does have tidbits
which suggest being able to specify interfaces by name when manipulating routing
tables. If that is correct you should be able to add specific host routes
pointing-out specific interface names if you are indeed forced to put assign the
same IP address to each of the HCLC interfaces on the "gateway."
Earlier you mentioned broadcasts that needed to reach through and touch the HDLC
systems - did you actually mean IP multicast?
rick jones
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 21:15 ` Rick Jones
@ 2009-10-07 21:21 ` Oskar Berggren
2009-10-07 21:57 ` Greg Wilson-Lindberg
0 siblings, 1 reply; 8+ messages in thread
From: Oskar Berggren @ 2009-10-07 21:21 UTC (permalink / raw)
To: netfilter@vger.kernel.org
2009/10/7 Rick Jones <rick.jones2@hp.com>:
> Greg Wilson-Lindberg wrote:
>>
>> Rick Jones wrote:
>> ...
>>
>
> I have not fully parsed the manpage for the ip command, but it does have
> tidbits which suggest being able to specify interfaces by name when
> manipulating routing tables. If that is correct you should be able to add
> specific host routes pointing-out specific interface names if you are indeed
> forced to put assign the same IP address to each of the HCLC interfaces on
> the "gateway."
>
Yes,
ip route add x.x.x.x/x dev eth1
or similar works fine.
If you like, you can also use ip addr add x.x.x.x/32 dev eth1 to set
an ip-address without having the kernel automatically install a subnet
route. Then manage the routing tables complete by yourself.
/Oskar
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 21:21 ` Oskar Berggren
@ 2009-10-07 21:57 ` Greg Wilson-Lindberg
2009-10-07 22:42 ` Rick Jones
0 siblings, 1 reply; 8+ messages in thread
From: Greg Wilson-Lindberg @ 2009-10-07 21:57 UTC (permalink / raw)
To: netfilter@vger.kernel.org
Ok, I can use route to add the various IP addresses that are on each HDLC channel to the routing
tables. There are a lot of machines, but because the addresses are well known/formatted, generating
the scripts automatically won't be to bad. But how do I handle broadcast addresses such as
172.16.255.255, 172.16.128.255, or 172.16.129.15 that need to go out all of the HDLC channels?
Oskar Berggren wrote:
> 2009/10/7 Rick Jones <rick.jones2@hp.com>:
>> Greg Wilson-Lindberg wrote:
>>> Rick Jones wrote:
>>> ...
>>>
>
>> I have not fully parsed the manpage for the ip command, but it does have
>> tidbits which suggest being able to specify interfaces by name when
>> manipulating routing tables. If that is correct you should be able to add
>> specific host routes pointing-out specific interface names if you are indeed
>> forced to put assign the same IP address to each of the HCLC interfaces on
>> the "gateway."
>>
>
> Yes,
>
> ip route add x.x.x.x/x dev eth1
>
> or similar works fine.
>
> If you like, you can also use ip addr add x.x.x.x/32 dev eth1 to set
> an ip-address without having the kernel automatically install a subnet
> route. Then manage the routing tables complete by yourself.
>
> /Oskar
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 21:57 ` Greg Wilson-Lindberg
@ 2009-10-07 22:42 ` Rick Jones
2009-10-07 23:00 ` Greg Wilson-Lindberg
0 siblings, 1 reply; 8+ messages in thread
From: Rick Jones @ 2009-10-07 22:42 UTC (permalink / raw)
To: Greg Wilson-Lindberg; +Cc: netfilter@vger.kernel.org
Greg Wilson-Lindberg wrote:
> Ok, I can use route to add the various IP addresses that are on each
> HDLC channel to the routing tables. There are a lot of machines, but
> because the addresses are well known/formatted, generating the scripts
> automatically won't be to bad. But how do I handle broadcast addresses
> such as 172.16.255.255, 172.16.128.255, or 172.16.129.15 that need to go
> out all of the HDLC channels?
How are those going to appear on the gateway's 10net interface in the first
place? I thought stuff like "directed broadcast" was verboten these days and
essentially unsupported by any stack. That is why I was asking if these were to
be broadcasts or perhaps IP multicasts - where IP multicasts *can* and do get
routed.
Please don't take this the wrong way, but on the surface, the setup you've
described sounds terribly kludged and so very brittle, and given the domain of
your email and a bit of reader imagination that is, well, troubling :)
rick jones
>
> Oskar Berggren wrote:
>
>> 2009/10/7 Rick Jones <rick.jones2@hp.com>:
>>
>>> Greg Wilson-Lindberg wrote:
>>>
>>>> Rick Jones wrote:
>>>> ...
>>>>
>>
>>> I have not fully parsed the manpage for the ip command, but it does have
>>> tidbits which suggest being able to specify interfaces by name when
>>> manipulating routing tables. If that is correct you should be able
>>> to add
>>> specific host routes pointing-out specific interface names if you are
>>> indeed
>>> forced to put assign the same IP address to each of the HCLC
>>> interfaces on
>>> the "gateway."
>>>
>>
>> Yes,
>>
>> ip route add x.x.x.x/x dev eth1
>>
>> or similar works fine.
>>
>> If you like, you can also use ip addr add x.x.x.x/32 dev eth1 to set
>> an ip-address without having the kernel automatically install a subnet
>> route. Then manage the routing tables complete by yourself.
>>
>> /Oskar
>> --
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 8+ messages in thread
* Re: Multiple interfaces with the same IP address
2009-10-07 22:42 ` Rick Jones
@ 2009-10-07 23:00 ` Greg Wilson-Lindberg
0 siblings, 0 replies; 8+ messages in thread
From: Greg Wilson-Lindberg @ 2009-10-07 23:00 UTC (permalink / raw)
To: netfilter@vger.kernel.org
The 'broadcasts' are just to allow us to get to a subset of the machines on the HDLC nets. I
suppose that they could be called IP multicasts, although the are not using the traditional
multicast addresses. The broadcasts addresses should never be generated outside of the 'gateway'
(we actually call these machines proxies). The gateway is actually used as a proxy for some
services, hence the need to be able to broadcast packets to some subset of the devices on the HDLC
nets (commands for a class of machines). The traffic that goes between the HDLC nets and the
ethernet is (at this point) all initiated from the machines on the HDLC nets, things like NFS
mounts. As I stated in a previous email, we have contemplated using the iptable NETMAP target to
directly map something like 10.192 on the ethernet WAN to 172.16 on the HDLC nets. But this will be
for the convenience of being able to then directly telnet into the machines on the HDLC nets, not
for sending 'broadcasts'.
Greg
Rick Jones wrote:
> Greg Wilson-Lindberg wrote:
>> Ok, I can use route to add the various IP addresses that are on each
>> HDLC channel to the routing tables. There are a lot of machines, but
>> because the addresses are well known/formatted, generating the scripts
>> automatically won't be to bad. But how do I handle broadcast addresses
>> such as 172.16.255.255, 172.16.128.255, or 172.16.129.15 that need to go
>> out all of the HDLC channels?
>
> How are those going to appear on the gateway's 10net interface in the first
> place? I thought stuff like "directed broadcast" was verboten these days and
> essentially unsupported by any stack. That is why I was asking if these were to
> be broadcasts or perhaps IP multicasts - where IP multicasts *can* and do get
> routed.
>
> Please don't take this the wrong way, but on the surface, the setup you've
> described sounds terribly kludged and so very brittle, and given the domain of
> your email and a bit of reader imagination that is, well, troubling :)
>
> rick jones
>
>> Oskar Berggren wrote:
>>
>>> 2009/10/7 Rick Jones <rick.jones2@hp.com>:
>>>
>>>> Greg Wilson-Lindberg wrote:
>>>>
>>>>> Rick Jones wrote:
>>>>> ...
>>>>>
>>>> I have not fully parsed the manpage for the ip command, but it does have
>>>> tidbits which suggest being able to specify interfaces by name when
>>>> manipulating routing tables. If that is correct you should be able
>>>> to add
>>>> specific host routes pointing-out specific interface names if you are
>>>> indeed
>>>> forced to put assign the same IP address to each of the HCLC
>>>> interfaces on
>>>> the "gateway."
>>>>
>>> Yes,
>>>
>>> ip route add x.x.x.x/x dev eth1
>>>
>>> or similar works fine.
>>>
>>> If you like, you can also use ip addr add x.x.x.x/32 dev eth1 to set
>>> an ip-address without having the kernel automatically install a subnet
>>> route. Then manage the routing tables complete by yourself.
>>>
>>> /Oskar
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>>> the body of a message to majordomo@vger.kernel.org
>>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>> --
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 8+ messages in thread
end of thread, other threads:[~2009-10-07 23:00 UTC | newest]
Thread overview: 8+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-10-07 19:36 Multiple interfaces with the same IP address Greg Wilson-Lindberg
2009-10-07 20:02 ` Rick Jones
2009-10-07 20:52 ` Greg Wilson-Lindberg
2009-10-07 21:15 ` Rick Jones
2009-10-07 21:21 ` Oskar Berggren
2009-10-07 21:57 ` Greg Wilson-Lindberg
2009-10-07 22:42 ` Rick Jones
2009-10-07 23:00 ` Greg Wilson-Lindberg
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).