Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses. I can easily assign these addresses on running system with 'ip address add <some addr/prefix> dev lo'. Yet I cannot understand how to make these settings apply on boot time. Certainly it is possible to patch standard system scripts like /etc/rc.d/init.d/network, but I suppose there must be more straight way to do this.
P.S. I use CentOS 5.2
Dmitry Cherkasov wrote:
Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses. I can easily assign these addresses on running system with 'ip address add <some addr/prefix> dev lo'. Yet I cannot understand how to make these settings apply on boot time. Certainly it is possible to patch standard system scripts like /etc/rc.d/init.d/network, but I suppose there must be more straight way to do this.
This is well enough explained in /usr/share/doc/initscripts-8.45.19.EL/sysconfig.txt
In /etc/sysconfig/network-scripts you need to create a file: ifcfg-l0:1 where all you really need is the ipaddr and netmask values.
2008/9/15 Robert Moskowitz rgm@htt-consult.com:
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses. I can easily assign these addresses on running system with 'ip address add <some addr/prefix> dev lo'. Yet I cannot understand how to make these settings apply on boot time. Certainly it is possible to patch standard system scripts like /etc/rc.d/init.d/network, but I suppose there must be more straight way to do this.
This is well enough explained in /usr/share/doc/initscripts-8.45.19.EL/sysconfig.txt
In /etc/sysconfig/network-scripts you need to create a file: ifcfg-l0:1 where all you really need is the ipaddr and netmask values.
This works fine for 'eth' and does not work for 'lo'.
2008/9/15 Dmitry Cherkasov doctorchd@gmail.com:
2008/9/15 Robert Moskowitz rgm@htt-consult.com:
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses. I can easily assign these addresses on running system with 'ip address add <some addr/prefix> dev lo'. Yet I cannot understand how to make these settings apply on boot time. Certainly it is possible to patch standard system scripts like /etc/rc.d/init.d/network, but I suppose there must be more straight way to do this.
This is well enough explained in /usr/share/doc/initscripts-8.45.19.EL/sysconfig.txt
In /etc/sysconfig/network-scripts you need to create a file: ifcfg-l0:1 where all you really need is the ipaddr and netmask values.
This works fine for 'eth' and does not work for 'lo'.
The problem has been solved. The solution is to use file ifcfg-lo-range.
Dmitry Cherkasov wrote:
Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses.
The "lo" interface already accepts packets with any 127.x.y.z address. Do you really need more addresses than the 127.0.0.0/8 block?
$ ping -c1 127.111.222.123 PING 127.111.222.123 (127.111.222.123) 56(84) bytes of data. 64 bytes from 127.111.222.123: icmp_seq=1 ttl=64 time=0.104 ms
I did absolutely nothing special to set that up. I also routinely have an stunnel process listening on 127.0.0.25:465, and again, I did nothing special with the interface configuration or routing tables to allow that to work.
2008/9/15 Robert Nichols rnicholsNOSPAM@comcast.net:
Dmitry Cherkasov wrote:
Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses.
The "lo" interface already accepts packets with any 127.x.y.z address. Do you really need more addresses than the 127.0.0.0/8 block?
Yes. I need addresses to use for NAT masquerading. If there is more than one outbound interface for traffic it is inconvenient to use addresses bound to a particular physical interface. Another example is some service that may require moving from host to host. It is easy to move the service together with its ipaddress bound to loopback. There are also some other examples when such settings may be useful.
$ ping -c1 127.111.222.123 PING 127.111.222.123 (127.111.222.123) 56(84) bytes of data. 64 bytes from 127.111.222.123: icmp_seq=1 ttl=64 time=0.104 ms
I did absolutely nothing special to set that up. I also routinely have an stunnel process listening on 127.0.0.25:465, and again, I did nothing special with the interface configuration or routing tables to allow that to work.
-- Bob Nichols "NOSPAM" is really part of my email address. Do NOT delete it.
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Robert Nichols wrote:
Dmitry Cherkasov wrote:
Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses.
The "lo" interface already accepts packets with any 127.x.y.z address. Do you really need more addresses than the 127.0.0.0/8 block?
$ ping -c1 127.111.222.123 PING 127.111.222.123 (127.111.222.123) 56(84) bytes of data. 64 bytes from 127.111.222.123: icmp_seq=1 ttl=64 time=0.104 msI did absolutely nothing special to set that up. I also routinely have an stunnel process listening on 127.0.0.25:465, and again, I did nothing special with the interface configuration or routing tables to allow that to work.
Any doubter can demonstrate that easily: -----------
#!/bin/bash # z=1;y=0;x=0 while [ $x -le 255 ] ; do y=0 while [ $y -le 255 ] ; do z=1 while [ $z -le 255 ] ; do ping -c1 127.$x.$y.$z (( z +=1 )) done (( y +=1 )) done (( x +=1 )) done --------------------- <snip> PING 127.5.139.115 (127.5.139.115) 56(84) bytes of data. 64 bytes from 127.5.139.115: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.115 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms PING 127.5.139.116 (127.5.139.116) 56(84) bytes of data. 64 bytes from 127.5.139.116: icmp_seq=1 ttl=64 time=0.052 ms
--- 127.5.139.116 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.052/0.052/0.052/0.000 ms PING 127.5.139.117 (127.5.139.117) 56(84) bytes of data. 64 bytes from 127.5.139.117: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.117 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms PING 127.5.139.118 (127.5.139.118) 56(84) bytes of data. 64 bytes from 127.5.139.118: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.118 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms
...etc.
2008/9/15 Robert kerplop@sbcglobal.net:
Robert Nichols wrote:
Dmitry Cherkasov wrote:
Hello everybody!
Could anybody advice on the following problem. I need to assign several ip-addresses to 'lo' interface (beside 127.0.0.1). It is convenient to me to implement NAT with such addresses.
The "lo" interface already accepts packets with any 127.x.y.z address. Do you really need more addresses than the 127.0.0.0/8 block?
$ ping -c1 127.111.222.123 PING 127.111.222.123 (127.111.222.123) 56(84) bytes of data. 64 bytes from 127.111.222.123: icmp_seq=1 ttl=64 time=0.104 ms
I did absolutely nothing special to set that up. I also routinely have an stunnel process listening on 127.0.0.25:465, and again, I did nothing special with the interface configuration or routing tables to allow that to work.
Any doubter can demonstrate that easily:
#!/bin/bash # z=1;y=0;x=0 while [ $x -le 255 ] ; do y=0 while [ $y -le 255 ] ; do z=1 while [ $z -le 255 ] ; do ping -c1 127.$x.$y.$z (( z +=1 )) done (( y +=1 )) done (( x +=1 )) done
Theoretically 'fping -g 127.0.0.0/8' does the same yet it consumes too much memory. My box with 512MB of RAM didn't manage to execute this ;-)
<snip> PING 127.5.139.115 (127.5.139.115) 56(84) bytes of data. 64 bytes from 127.5.139.115: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.115 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms PING 127.5.139.116 (127.5.139.116) 56(84) bytes of data. 64 bytes from 127.5.139.116: icmp_seq=1 ttl=64 time=0.052 ms
--- 127.5.139.116 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.052/0.052/0.052/0.000 ms PING 127.5.139.117 (127.5.139.117) 56(84) bytes of data. 64 bytes from 127.5.139.117: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.117 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms PING 127.5.139.118 (127.5.139.118) 56(84) bytes of data. 64 bytes from 127.5.139.118: icmp_seq=1 ttl=64 time=0.051 ms
--- 127.5.139.118 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.051/0.051/0.051/0.000 ms
...etc. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
-
Dmitry Cherkasov -
Robert -
Robert Moskowitz -
Robert Nichols