lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <OFA7162E78.5F05251C-ON88257383.006F837E-88257383.00711D0D@us.ibm.com>
Date:	Mon, 29 Oct 2007 13:36:36 -0700
From:	David Stevens <dlstevens@...ibm.com>
To:	Vlad Yasevich <vladislav.yasevich@...com>
Cc:	netdev <netdev@...r.kernel.org>, netdev-owner@...r.kernel.org
Subject: Re: Configuring the same IP on multiple addresses

> For v6, there are plenty of operational reasons to not allow this.  You 
really
> turn unicast into anycast when you do this and there are special rules 
to
> be followed.

        I don't see it that way. The only "problem" I can think of offhand
is that you can't use a multi-interface address to identify an interface
(for example, for multicasting) and get predictable results (it'll pick
the first one it finds with that address, in no particular order). But
you can still use interface indexes, which are unique.
        Anycast is used for multiple distinct hosts, which isn't an issue
on the same host. It's already true, as you pointed out, that you can
receive a packet for any local address on any interface, so allowing
multiple instances means you still match it as local. Which interface
you match it on usually isn't relevant, and when it is are exactly the
cases where using duplicates might be appropriate.
        I can see where it might be useful if you have policy
restrictions on some interfaces and want the particular address
to be both in and out of a set. But, I agree, it's generally more
trouble (for an administrator), but then administrators don't have
to assign the same address to multiple interfaces. 

                                                        +-DLS

-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ