RE: [LARTC] ip_alias??

Linux Advanced Routing and Traffic Control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Just a quick comment on the ip aliasing firewall, you can do it. A few years
back when I was more good looking than rich I only had one NIC card but
wanted to set up NAT behind someone else's network(Technically becoming
double NAT to get out to the real internet) and I had the same NIC handling
both sides of the connection. Of course don't try this at home unless you
can't afford the $20 a NIC goes for. The moral of the story: You can do it,
but you should avoid it. (2.2 Kernel, I can't testify as to 2.4, but if you
really need to do it there are a number of fine 2.2 kernels available :) )


NIC IP aliasing:
ip address add 192.168.0.1 dev eth0

Making a device alias for the nic(You were right):
ifconfig eth0:0 192.168.0.1 up

-David Talbot

-----Original Message-----
From: lartc-admin@xxxxxxxxxxxxxxx [mailto:lartc-admin@xxxxxxxxxxxxxxx]On
Behalf Of Juri Haberland
Sent: Wednesday, June 13, 2001 3:21 AM
To: Jasper Spaans
Cc: streeterk; LARTC@xxxxxxxxxxxxxxx
Subject: Re: [LARTC] ip_alias??


Jasper Spaans wrote:
>
> On Tue, Jun 12, 2001 at 10:57:36PM -0700, streeterk wrote:
>
> > What happened to ip_alias.  I found some reference to it being replaced
in
> > 2.4 Kernels, but replaced with what?  Anyone know of some good
> > documentation on this subject??
>
> It has disappeared, however, its functionality hasn't (at least,
partially).

[--snip--]

> (Well, some pitfalls do exist, you cannot firewall on these interfaces
> anymore, however, you'll have to rewrite your rules anyway because of the
> transition to iptables, so that shouldn't be a problem)

Guys, excuse my ignorance, but can you point me to the original source
of that information? It's the very first time I heard of this and
actually I am still able to use something like 'ifconfig eth0:0 x.x.x.x
up'. And AFAIK it was never possible to use alias interfaces in
firewalling.

Maybe I missed some important information for years? (not impossible IMO
;-)

Juri

_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO:
http://ds9a.nl/2.4Routing/
[Index of Archives]     [LARTC Home Page]     [Netfilter]     [Netfilter Development]     [Network Development]     [Bugtraq]     [GCC Help]     [Yosemite News]     [Linux Kernel]     [Fedora Users]
  Powered by Linux