Date: Mon, 24 Jan 2000 08:23:46 -1000 From: Clifton Royston <cliftonr@lava.net> To: "Rodney W. Grimes" <freebsd@gndrsh.dnsmgr.net> Cc: "N.B. DelMore" <mylists@inr.net>, freebsd-stable@FreeBSD.ORG Subject: Re: Multiple IP addresses Message-ID: <20000124082346.D27533@lava.net> In-Reply-To: <200001241809.KAA68669@gndrsh.dnsmgr.net> References: <3.0.6.32.20000124043423.009ac550@mail.inr.net> <200001241809.KAA68669@gndrsh.dnsmgr.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 24, 2000 at 10:09:17AM -0800, Rodney W. Grimes wrote:
> > Just a couple of questions concerning multiple IP's. In searching through
> > the archives I've seen references to binding the addresses to the NIC as
> > well as the loopback, which is the proper method?
>
> Depends on who you ask. Seriously though, both methods are valid, each
> having slightly different behavior and advantages/disadvantages so thier
> is no black and white one is proper and the other is wrong.
>
> Bind to NIC:
> a) You don't have to screw with routing at all if the IP's are already
> on that network segment, and usually just a single route at the
> gateway if they are not.
>
> b) Arp storms can become a problem here, it gives more IP addresses
> that respond to arp's. Arps are not well filtered at most locations.
>
> Bind to lo0:
> a) You don't fill up other routers arp tables. 1000+ entry arp tables
> are not fun to look at and not fun for the router to search :-)
Note though that you *can* still proxy arp for addresses bound to the
loopback if you want to, BTW.c
> b) You can easily move a virtual from one machine to another without
> seeing a pile of ``so and so has moved from MAX X to MAX Y.
>
> c) Routing protocols can be used to dynamically manage the ip space
> in a VLSM manner or on a host based manner.
or d) If all the addresses you're assigning make up an entire
netblock, you can insert a static route to the netblock on the
router.
FWIW, in managing many virtual web servers (BSD/OS, very similar
network code) we rapidly moved from binding IPs to the NIC, to binding
IPs to the loopback and proxy arping, much later switched to binding
IPs to the loopback and using a static route to the netblock, and
eventually have moved to binding IPs to the loopback and running Zebra
to announce routes to the web servers.
YMMV,
-- Clifton
--
Clifton Royston -- LavaNet Systems Architect -- cliftonr@lava.net
"An absolute monarch would be absolutely wise and good.
But no man is strong enough to have no interest.
Therefore the best king would be Pure Chance.
It is Pure Chance that rules the Universe;
therefore, and only therefore, life is good." - AC
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000124082346.D27533>