Other Stuff

UoM::RCS::Talby


Page Contents:


Page Group:

2010:

2009: 2008:


Related Pages:





Two IP Addresses on one NIC; Routing Appropriate Traffic Through Each

The NW-Grid registration box, man4.nw-grid.ac.uk, happens to live at UoM. It needs to send email out to the world at large.

All outgoing mail from the campus network must go via the UoM mail relays — port 25 is blocked outbound. The relays accept email from machines DNS-registered within umist.ac.uk, man.ac.uk and manchester.ac.uk only. (Well, presumably mcc.ac.uk and a few others are still hanging around too.)

So we have an issue. Ask ITS nicely to reconfigure their mail relays? (That was Plan A.) Or use a second IP address with a different DNS-registration and use appropriate routing?

Two IP Addresses on One NIC

From the man page for ifconfig:

    If your kernel supports alias interfaces, you can specify them with 
    eth0:0 for the first alias of eth0.  You can use them to assign a 
    second address. 
Any modern kernel supports such aliases out of the box, so given a second IP address, 130.88.200.244, say, DNS-registered as, for example, biruni.mc.man.ac.uk, we proceed thusly:
    promp> ifconfig eth0:0 130.88.200.244 netmask 255.255.255.0
so that
    prompt> ifconfig -a

    .
    .

    eth0 Link encap:Ethernet HWaddr 00:14:4F:20:86:88
    inet addr:130.88.200.156 Bcast:130.88.200.255 Mask:255.255.255.0
    .
    .

    eth0:0 Link encap:Ethernet HWaddr 00:14:4F:20:86:88
    inet addr:130.88.200.244 Bcast:130.88.255.255 Mask:255.255.255.0
    .
    .

Required Routing

We require all traffic to the UoM email relay, 130.88.200.242 (aka smtp.manchester.ac.uk), go through eth0:0 and all other traffic go through eth0, so we add a routing entry:

    prompt> route add -host 130.88.200.92 dev eth0:0
so that
    prompt> netstat -rn

    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    130.88.200.92 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
        #
        # ...the above line is the new one --- but netstat gives no hint
        #    that eth0:0 exists;  nor does route --- see below...
        #
    130.88.99.13 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
    130.88.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
    127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
    0.0.0.0 130.88.200.250 0.0.0.0 UG 0 0

Our New Route: Diagnostics and Testing

As stated above, neither netstat -rn nor route -n acknowledge the existence of our new IP alias, eth0:0, so how can we check that traffic is being routed as per our route add -host... command?

We should not have to resort to tcpdump. . .  

Solution — install better utilities

   root> apt-get install iproute
       #
       # ...get a more advanced set of tools
       #
and then
    root> ip route list

    130.88.200.92 dev eth0  scope link  src 130.88.200.244
        #
        # ...shows the source address this time...
        #
    130.88.0.0/16 dev eth0  proto kernel  scope link  src 130.88.198.58
    130.88.200.0/24 dev eth0  proto kernel  scope link  src 130.88.200.244
    default via 130.88.198.250 dev eth0
Thar she blows!

Problems Encountered

Of course, in truth there was a problem which arose owing to a "feature" of ifconfig.

An alias already existed on eth0 which we wished to shutdown before setting up our new one. ifconfig -a showed

    eth0      Link encap:Ethernet  HWaddr 00:12...
              inet addr:130.88.200.156  Bcast:130.88.200.255  Mask:255.255.255.0
              .
              .

    eth0:biru Link encap:Ethernet  HWaddr 00:12:3F:32:AD:DB
              inet addr:...
              .
              .
yet
    prompt> ifconfig eth0:biru down
    eth0:SIOCSIFFLAGS: Cannot assign requested address
It turns out that ifconfig list only the first four characters of the true alias name — so what was our alias?

A quick fgrep -r biru of /etc/sysconfig/network provided the answer and

    ifconfig eth0:birunimcmanacuk down
downed the beastie.