Other Stuff


Page Contents:

Page Group:


2009: 2008:

Related Pages:

Two IP Addresses on one NIC; Routing Appropriate Traffic Through Each

The NW-Grid registration box, man4.nw-grid.ac.uk, happens to live at UoM. It needs to send email out to the world at large.

All outgoing mail from the campus network must go via the UoM mail relays — port 25 is blocked outbound. The relays accept email from machines DNS-registered within umist.ac.uk, man.ac.uk and manchester.ac.uk only. (Well, presumably mcc.ac.uk and a few others are still hanging around too.)

So we have an issue. Ask ITS nicely to reconfigure their mail relays? (That was Plan A.) Or use a second IP address with a different DNS-registration and use appropriate routing?

Two IP Addresses on One NIC

From the man page for ifconfig:

    If your kernel supports alias interfaces, you can specify them with 
    eth0:0 for the first alias of eth0.  You can use them to assign a 
    second address. 
Any modern kernel supports such aliases out of the box, so given a second IP address,, say, DNS-registered as, for example, biruni.mc.man.ac.uk, we proceed thusly:
    promp> ifconfig eth0:0 netmask
so that
    prompt> ifconfig -a


    eth0 Link encap:Ethernet HWaddr 00:14:4F:20:86:88
    inet addr: Bcast: Mask:

    eth0:0 Link encap:Ethernet HWaddr 00:14:4F:20:86:88
    inet addr: Bcast: Mask:

Required Routing

We require all traffic to the UoM email relay, (aka smtp.manchester.ac.uk), go through eth0:0 and all other traffic go through eth0, so we add a routing entry:

    prompt> route add -host dev eth0:0
so that
    prompt> netstat -rn

    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface UH 0 0 0 eth0
        # ...the above line is the new one --- but netstat gives no hint
        #    that eth0:0 exists;  nor does route --- see below...
        # UH 0 0 0 eth0 U 0 0 0 eth0 U 0 0 0 eth0 U 0 0 0 lo UG 0 0

Our New Route: Diagnostics and Testing

As stated above, neither netstat -rn nor route -n acknowledge the existence of our new IP alias, eth0:0, so how can we check that traffic is being routed as per our route add -host... command?

We should not have to resort to tcpdump. . .  

Solution — install better utilities

   root> apt-get install iproute
       # ...get a more advanced set of tools
and then
    root> ip route list dev eth0  scope link  src
        # ...shows the source address this time...
        # dev eth0  proto kernel  scope link  src dev eth0  proto kernel  scope link  src
    default via dev eth0
Thar she blows!

Problems Encountered

Of course, in truth there was a problem which arose owing to a "feature" of ifconfig.

An alias already existed on eth0 which we wished to shutdown before setting up our new one. ifconfig -a showed

    eth0      Link encap:Ethernet  HWaddr 00:12...
              inet addr:  Bcast:  Mask:

    eth0:biru Link encap:Ethernet  HWaddr 00:12:3F:32:AD:DB
              inet addr:...
    prompt> ifconfig eth0:biru down
    eth0:SIOCSIFFLAGS: Cannot assign requested address
It turns out that ifconfig list only the first four characters of the true alias name — so what was our alias?

A quick fgrep -r biru of /etc/sysconfig/network provided the answer and

    ifconfig eth0:birunimcmanacuk down
downed the beastie.