I have an OpenBSD 3.8 box with 2 interfaces acting as a router between two internal networks.

Interface xl0 192.168.1.1 with a subnet mask of 255.255.0.0

The other interface sis0 has an address of 192.169.1.254 with a subnet mask of 255.255.0.0

It seems to be routing successfully between these two networks. Now one device on the 192.168 network is a legacy device and I cannot change its subnet mask - it is 192.168.222.1 and subnet 255.255.255.0

I thought I would just add an alias to xl0 of 192.168.222.254 with subnet of 255.255.255.0 and hey presto, from the gateway BSD console I can ping everything. BUT from the 192.169 network it still doesn't respond to ping. If I add a route

route add 192.168.222.1 192.168.222.254

I cannot ping 192.168.222.1 from the BSD box console anymore and it still doesn't route from the other network.

My question: can BSD route to an alias address on an interface or not? My next effort will be to add another network card with a primary address of 192.168.222.254
Szaba <jamess@wespine.com> wrote:
> I have OpenBSD 3.8 box with 2 interfaces acting as a router between
                 ^^^

Don't do that. Upgrade, 3.8 has known vulnerabilities. And 4.2 is much
nicer. And upgrading is not too hard if you don't wait two years.

> two internal networks.
>
> Interface xl0 192.168.1.1 with a subnet mask of 255.255.0.0
>
> The other interface sis0 has an address of 192.169.1.254 with a subnet
                                             ^^^^^^^

Don't do that, it's allocated.

> mask of 255.255.0.0
>
> It seems to be routing successfully between these two networks. Now
> one device on the 192.168 network is a legacy device and I cannot
> change its subnet mask - it is 192.168.222.1 and subnet 255.255.255.0
>
> I thought I would just add an alias to xl0 of 192.168.222.254 with
> subnet of 255.255.255.0 and hey presto from the gateway BSD console I
> can ping everything. BUT from the 192.169 network it still doesn't
> respond to ping. If I add a route
>
> route add 192.168.222.1 192.168.222.254
>
> I cannot ping 192.168.222.1 from the BSD box console anymore and it
> still doesn't route from the other network.
>
> My question: can BSD route to an alias address on an interface or
> not?

That really isn't relevant. Having a completely wrong netmask will affect some things, like broadcasts, but should not cause simple unicast TCP or UDP or ICMP over IP to break. In other words, no matter what your netmask, your gateway should be able to ping the device, and the device should be able to respond. What is more, if you don't play around with aliases, traffic from the other side of the gateway to the device most likely works, too. However, traffic from the same side of the gateway probably breaks, because the routing table on this legacy device sends replies to the gateway, instead of the sending host.

If all of the above is correct, is a proper statement of what you consider the problem, and applies to your situation, there are two simple solutions:

1. Add another interface for 192.168.222.0/24 to your gateway (an alias might or might not work - I don't know). Update *all* hosts in 192.168.0.0/24 to reflect this setup (route add 192.168.222.0/24 192.168.1.1 if the device is not in 192.168.222.0/24; change netmask otherwise), except the legacy device which happens to be configured correctly.

2. Set up a sane structure for 192.168.0.0/16; subdividing into /24 networks probably makes sense anyway, leaves you with plenty of address space (so no need to use 192.169.0.0/24 - if you *really* need more addresses, use a subnet of either 10.0.0.0/8 or 172.16.0.0/12), and solves this issue as a side-effect.

The complicated solution involves catching the responses from your legacy device on the gateway, and rewriting and resending them to make it look like the device replied immediately to the sender. This is complex, error-prone, and completely wrong.

Joachim
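To make the asymmetric-path argument above concrete, here is an added Python model (my own, not code from any poster) of the longest-prefix next-hop choice each host in this thread makes; the peer address 192.168.1.50 and the far-side address 192.169.1.10 are constructed for illustration, and the "bad route" gateway is one reading of the `route add 192.168.222.1 192.168.222.254` symptom in the question.

```python
from ipaddress import ip_address, ip_interface, ip_network

# Constructed model of the topology in this thread (not code from any poster).
# A "host" is its interfaces (addr/prefix), static routes and a default gateway.
def make_host(ifaces, default=None, routes=()):
    return {"ifaces": list(ifaces), "default": default, "routes": list(routes)}

def next_hop(host, dst):
    """Longest-prefix match, as a host does before sending: returns "direct"
    for an on-link destination, otherwise the gateway address to use."""
    dst = ip_address(dst)
    candidates = []
    for iface in host["ifaces"]:
        net = ip_interface(iface).network          # connected route
        if dst in net:
            candidates.append((net.prefixlen, "direct"))
    for net, gw in host["routes"]:                  # static routes
        net = ip_network(net)
        if dst in net:
            candidates.append((net.prefixlen, gw))
    return max(candidates)[1] if candidates else host["default"]

def path_is_symmetric(a, a_ip, b, b_ip):
    """False when one side sends directly but the other replies via its
    gateway: the broken same-side case described in the reply above."""
    return (next_hop(a, b_ip) == "direct") == (next_hop(b, a_ip) == "direct")

def routed_to_self(host, dst):
    """True when the chosen gateway is one of the host's own addresses,
    e.g. a host route on the gateway pointing at its own alias."""
    own = {str(ip_interface(i).ip) for i in host["ifaces"]}
    return next_hop(host, dst) in own

# Legacy device: /24 mask, default gateway = the alias on xl0
legacy = make_host(["192.168.222.1/24"], default="192.168.222.254")
# An ordinary host on the 192.168.0.0/16 side (address constructed)
peer = make_host(["192.168.1.50/16"], default="192.168.1.1")
# The same host after solution 1: route add 192.168.222.0/24 192.168.1.1
peer_fixed = make_host(["192.168.1.50/16"], default="192.168.1.1",
                       routes=[("192.168.222.0/24", "192.168.1.1")])
# A host on the far side of the gateway, behind sis0 (address constructed)
far = make_host(["192.169.1.10/16"], default="192.169.1.254")
# The OpenBSD gateway with the xl0 alias, and the same box with the host route
gateway = make_host(["192.168.1.1/16", "192.168.222.254/24", "192.169.1.254/16"])
gateway_badroute = make_host(gateway["ifaces"],
                             routes=[("192.168.222.1/32", "192.168.222.254")])

if __name__ == "__main__":
    print("far side <-> legacy symmetric:", path_is_symmetric(far, "192.169.1.10", legacy, "192.168.222.1"))
    print("same side <-> legacy symmetric:", path_is_symmetric(peer, "192.168.1.50", legacy, "192.168.222.1"))
    print("same side after route add:", path_is_symmetric(peer_fixed, "192.168.1.50", legacy, "192.168.222.1"))
    print("gateway host route points at itself:", routed_to_self(gateway_badroute, "192.168.222.1"))
```

The far-side host and the legacy device both hand their packets to a gateway, so that pair works; the same-side peer talks to the device directly while the device replies through the gateway, which is the asymmetry the reply describes and the per-host `route add` removes.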
Joachim Schipper wrote:
> Szaba <jamess@wespine.com> wrote:
>> I have OpenBSD 3.8 box with 2 interfaces acting as a router between
>                  ^^^
>
> Don't do that. Upgrade, 3.8 has known vulnerabilities. And 4.2 is much
> nicer. And upgrading is not too hard if you don't wait two years.
>

Hey! I resemble that comment! I've been tracking release every 6 months for a /whole/ year now!