From owner-freebsd-questions Mon Jan 13 7:21:55 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2732B37B401 for ; Mon, 13 Jan 2003 07:21:52 -0800 (PST) Received: from mail.adelphia.net (pa-plum1b-166.pit.adelphia.net [24.53.161.166]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CC5043F1E for ; Mon, 13 Jan 2003 07:21:51 -0800 (PST) (envelope-from wmoran@potentialtech.com) Received: from potentialtech.com ([172.16.0.95]) by mail.adelphia.net (8.12.3/8.12.3) with ESMTP id h0DFMpAg004795; Mon, 13 Jan 2003 10:22:55 -0500 (EST) (envelope-from wmoran@potentialtech.com) Message-ID: <3E22CDA4.4010401@potentialtech.com> Date: Mon, 13 Jan 2003 09:31:00 -0500 From: Bill Moran User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.1) Gecko/20021127 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Anand Buddhdev Cc: questions@freebsd.org Subject: Re: Multiple network cards with IP addresses in the same network References: <20030113114954.GQ1330@anand.org> <3E22B6B4.70401@potentialtech.com> <20030113141031.GA11679@anand.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Anand Buddhdev wrote: > On Mon, Jan 13, 2003 at 07:53:08AM -0500, Bill Moran wrote: > >>>I have a FreeBSD 4.7 system, with 3 ethernet cards. The first two >>>are recognised as fxp0 and fxp1 and the second as em0 (intel gigabit >>>card). I configured the em0 with address 192.168.0.1/24. I then wanted >>>to configure fxp0 with the address 192.168.0.2/24, and also connect it >>>to the switch so that I can connect to the server via both addresses. >>>However, FreeBSD's ifconfig command fails, and won't let me add the second >>>address to the fxp0 interface. I read the manual page about ifconfig, >>>and read about aliases, where it said that for aliases, I must use the >>>netmask /32. When I do try to add the second address with a netmask of >>>/32, it works, but it doesn't make sense to me. How is that interface >>>going to to know that it is part of a /24 network if I use a /32 netmask? >>> >>>Would anyone be kind enough to explain why: >>> >>>1. For aliases, I need the /32 mask >> >>I didn't know that you did. I've certainly had aliases that weren't /32 > > I have been using linux for about 2 years now. Let me explain why I > don't understand. Well, first off, I misunderstood your original question. > I have addresses 192.168.0.1 and 192.168.0.2. I want to run different > services on the 2 different IP addresses. In a linux system, I do: > > ifconfig eth0 192.168.0.1 netmask 255.255.255.0 > ifconfig eth0:0 192.168.0.2 netmask 255.255.255.0 > > So that I have 2 different addresses bound to the same interface. > > On FreeBSD, if I do: > > ifconfig fxp0 192.168.0.1 netmask 255.255.255.0 > ifconfig fxp0 192.168.0.2 netmask 255.255.255.0 alias > > That fails. It should, it creates an ambiguous network situation. Also, I don't understand why you would want to do this. > The ifconfig manpage states that a nonconflicting netmaks must be used > for the alias, and suggests to use 0xffffffff. I don't understand why, > because I don't see why one network interface cannot have more than one > address bound to it within the same network. If I use a /32 netmask for > the alias address, how will the kernel respond to arp requests for that > alias address? What would you expect it to do that would be unusual? If you really want two IPs on the same subnet on the same NIC, then use a /32 subnet for one. What's it going to hurt? >>>2. Adding a second IP to a *different* network card in the same server >>>does not work if the second IP is within the network of the first one. >> >>Because it breaks routing and the basic concept of IP addys and netmasks. >>If you have two NICs on the same network, how is the kernel supposed to >>route packets? > > I still don't understand. In a linux system I can do: > > route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.0.254 dev eth0 > route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.0.254 dev eth1 Just because you can do it on a Linux system doesn't mean it's right. > This adds 2 default routes in the linux kernel, telling it to route > packets to the outside world using either network interface, where eth0 > has address 192.168.0.1/24 and eth1 has address 192.168.0.2/24. What's > wrong with that? It's ambiguous. Where does the kernel route to when there are two possible routes? There's really no reason for such a thing. >>If you want this setup as a failover solution, there are other ways. >>There's a program in the ports (I can't remember the name, you'll have to >>do some research) that will monitor an interface, and if it becomes non- >>responsive, run a script of your choosing. Thus, you can have it start >>up the other network card if the first fails. > > Ok, I understand that, and it may be a very useful program, *if* you > want to bring up the other interface with perhaps the same IP address. Well, it's useful for other reasons as well, but it doesn't apply to your situation. I suggested it because I didn't understand what you were asking before. > All I want to do is to have 2 different IP addresses on each of the > different interfaces in the server, where the addresses are in the > same network. I can do it in linux. Why can't I do it in FreeBSD? Because you shouldn't do it. >>If failover isn't what you're looking for, then I'd reconsider your >>network topology. It doesn't really make sense to have 2 NICs with the >>same network number in one machine. > > > Why not? I haven't seen any such warning in my IP networking books > or courses. My answer to your question is: 1. Why would you WANT to do that? I don't care if Linux, Windows and everyone but FreeBSD _allows_ you to, the reason for it escapes me. 2. If you reall _do_ want to do that, use a /32 netmask as required. If that doesn't work for you for some reason, then the answer to your question is beyond my expertise. -- Bill Moran Potential Technologies http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message