interface aliases and tap devices
- From: Gerrit Kühn <gerrit@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 27 Feb 2008 14:19:32 +0100
Hello,
I have two stories to tell meanwhile, the first comes here in form of a
forward from a question I posted on the discussion list for dnsmasq
(ports/dns/dnsmasq):
---
Begin forwarded message:
Date: Wed, 27 Feb 2008 09:28:28 +0000
From: Simon Kelley <simon@xxxxxxxxxxxxxxxxx>
To: Gerrit Kühn <gerrit@xxxxxxxxxxxxxxxxxxx>
Cc: dnsmasq-discuss@xxxxxxxxxxxxxxxxx
Subject: Re: [Dnsmasq-discuss] question about subnets and interface aliases
Gerrit Kühn wrote:
Hi folks,
I have a private network here (192.168.0.0/16) which I have separated
in 8 subnets (192.168.0.0/19, 192.168.32.0/19 and so on). I want to
run dnsmasq to serve as dns and dhcp server, but only on one machine.
As the separation of the subnets is purely of logical nature and not
physical (everything on the same switched network), I have configured
this machine with the primary IP address 192.168.0.254/19 and put IP
aliases for all other subnets (192.168.32.254/19 and so on) on that
interface. The free dhcp IP-range for unknown hosts is in the first
subnet (192.168.30.0/24), all others shall be fixed-host entries
which are identified via their MAC addresses.
Now I see the following behaviour: dhcp-addresses are delivered from
the free segment to unknown hosts as designed. However, fixed-host
entries only work if they come from the first subnet
(192.168.0.0/19). If I have dhcp-host entries for any other subnet,
they are completely ignored and the requesting hosts gets an IP from
the free range for unknown hosts instead.
Is my setup completely screwed up and something one should not do, or
does anyone here have an idea how to get things right? I'm using
FreeBSD 7-stable and dnsmasq 2.40 (if that matters).
It does matter, specifically the FreeBSD bit. On Linux, the above
arrangement will work, (or at least can be made to work). The code for
determining the IP parameters of an interface on *BSD knows nothing
about aliases, so it can't work.
Any hint is appreciated.
If you are, or can find, a FreeBSD networking guru who can upgrade the
code in src/bpf.c I'm happy to take a patch.....
Cheers,
Simon.
---
As I am definitely not the networking guru who could do this, I thought it
would be a good idea to ask here if anyone is interested in helping out.
The second story is connected with the first:
As the problem for dnsmasq seems to be that it cannot handle more than one
IP per interface, I came up with the idea if setting up one IP on the
physical interface and 7 more on 7 virtual tap devices. Then I bound the
tap devices together with the physical interface on a bridge interface.
This setup works insofar that I can ping all 8 addresses and receive
answers. ssh connections and so on work, too. However, the dhcp client
broadcasts do not reach dnsmasq, although I configured it to listen on
all 8 interfaces.
Even more strange to me was that I discovered that the virtual tap
interfaces see nothing of the traffic. If I run tcpdump on the tap devices
(or even on the bridge interface), I see /nothing/ of the traffic which is
actually directed to one of the IPs the tap devices carry. I see
everything floating though the physical interface, though.
I actually thought that the traffic would reach the tap interfaces and
could be processed there with other software like tcpdump or dnsmasq. Why
is this not the case?
cu
Gerrit
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"
- Prev by Date: Re: [RESOLVED] Re: Strange resolver behavior
- Next by Date: Re: [RESOLVED] Re: Strange resolver behavior
- Previous by thread: fastforwarding and gif tunnel
- Next by thread: Re: kern/119548: [pf] [ath] [patch] PF Altq with ath hostap problem
- Index(es):
Relevant Pages
|
|
