networking

IPv6 Anycast

IPv6 has a neat feature called Duplicate Address Detection (DAD). When you add an IPv6 address to an interface, it checks to be sure that nobody else is already using that address. That's a Good Thing®. But if you're using IPv6 addresses for anycast and two (or more) devices are on the same subnet it can cause problems. The solution is to not put your anycasted addresses on the shared interface (e.g. eth0); rather, put them on the loopback interface.

tags: 

NAT

If you've ever thought to yourself, "self, I'm going to borrow these public IP addresses which aren't mine and use them for my internal, natted network", well then let me set you straight. Don't do it. Disaster will strike at some point and the consequences will not be good. But if you do it anyway, don't expect me to feel sorry for you either.

Also, NAT sucks.

tags: 

Using a /32 Netmask on Linux

Despite what some simple Googling might imply, it's entirely possible to use a /32 as a netmask for an IP address on Linux. The important detail is that it can't be the primary IP address. That primary can be an RFC1918 address (i.e. nonrouteable on the Internet) but your default gateway needs to be able to route to you via something other than the /32.

Here's the setup. Assume a Cisco router on 192.0.2.1/24 and a Linux server on 192.0.2.2/24. The /32 we'll use is 192.0.3.1/32.

On the server:

ip addr add dev eth0 192.0.2.2/24
ip addr add dev eth0 192.0.3.1/32

On the router:

interface FastEthernet0/1
ip address 192.0.2.1 255.255.255.0
ip route 192.0.3.1 255.255.255.255 192.0.2.2

At this point, you should be able to ping both 192.0.2.2 and 192.0.3.1 from the router.

The other step you may need to take is to add some routing on the Linux server to source from the 192.0.3.1 address. Normally traffic that is received on that IP will reply with that IP, so that's fine, but for new traffic if you want the source to be the /32, you'll need a special route:

ip route add 10.0.0.0/8 via 192.0.2.1 src 192.0.3.1

See, I told you it was easy.

tags: 

Presenting at UTOSC 2009


I will be presenting at the Utah Open Source Conference (UTOSC) again this year. On tap are 3, count 'em, 3 presentations. I'm still not quite sure what possessed me to submit 3 abstracts but I did and (just to spite me I think) they accepted all of them.

Refer to the schedule for any last minute changes but for now here are the times I'm speaking.

Hope to see you there.

tags: 

Subscribe to RSS - networking Subscribe to zmonkey.org - All comments