lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 29 May 2018 15:39:05 +0530
From:   Akshat Kakkar <akshat.1984@...il.com>
To:     Michal Kubecek <mkubecek@...e.cz>
Cc:     netdev <netdev@...r.kernel.org>
Subject: Re: Unable to create ip alias on bridge interface

For following commands,
  ip addr add 10.10.10.1/24 brd +  dev br0
  ip addr add 10.10.10.2/24 brd +  dev br0
  ip addr add 20.20.20.1/24 brd +  dev br0
  ip addr add 20.20.20.2/24 brd +  dev br0

Both 10.10.10.1 and 20.20.20.1 becomes primary. Which one will be used
as source IP?

Is it nextHop of route that will decide?

And what about communication in local subnet, say ping to 10.10.10.200
and 20.20.20.200? Will source for both will change according to
destination IP?

On Mon, May 28, 2018 at 11:50 PM, Akshat Kakkar <akshat.1984@...il.com> wrote:
> Thanks for clarifying that first ip will be used as primary ip.
> I have 2 further queries on this.
> 1. How can this survive across reboots without having a custom script
> on boot up? Like some ifcfg file,etc.
> 2. is there a way to tell to make a given ip as primary, irrespective of order?
>
> On Mon, May 28, 2018 at 5:35 PM, Michal Kubecek <mkubecek@...e.cz> wrote:
>> On Mon, May 28, 2018 at 02:35:41PM +0530, Akshat Kakkar wrote:
>>> I am having a bridge named br0 having ports eno1 and eno2 as members.
>>> I have given IP to br0 as 10.10.10.1/24
>>>
>>> Now I want to create alias on br0 as br0:1 and give IP as
>>> 10.10.10.2/24, but I am unable to.
>>>
>>> I know, we can add multiple IPs to br0 using "ip addr" command, but I
>>> dont want to do it that way as I want all outgoing connections from
>>> br0 to take src ip as 10.10.10.1. I know by providing option of "src"
>>> in all routes, things can work but this looks more like a hack and
>>> less of a solution.
>>
>> I don't understand. There are no actual aliases since kernel 2.2 and an
>> attempt to add "br0:1 with address 10.10.10.2/24" using ifconfig should
>> result in the same configuration as
>>
>>   ip addr add 10.10.10.2/24 brd + label br0:1 dev br0
>>
>> where the "label br0:1" part only adds a label which allows ifconfig to
>> see the new address.
>>
>> As both addresses share the same range, you don't even have to worry
>> about source address as primary address (10.10.10.1 - or first one added
>> in general) will be used unless specified otherwise.
>>
>> Michal Kubecek

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ