TCP alias problem

Bill Campbell bill
Mon May 17 11:46:44 PDT 2004 

On Wed, Apr 23, 2003 at 06:33:45PM -0500, David A. Bandel wrote:
>On Wed, 23 Apr 2003 15:54:47 -0700
>Bill Campbell <bill at celestial.com> wrote:
>
>> I'm having a very ``interesting'' problem with a Caldera eDesktop 2.4
>> system that's causing problems with NFS mounts from Apple iMacs
>> running OS X.  Looking at tcpdump output I see the NFS request from
>> the Mac going to the primary interface, eth0, on the NIC, but the
>> response is going back from Caldera box from another interface,
>> eth0:3.  The Mac doesn't see this as an appropriate reply since it's
>> coming from the wrong IP address, hence the mount fails.  I have
>> manually mounted using the IP address of eth0:3 which allows the mount
>> to succeed, but there are other problems.
>> 
>> I've tried ssh to various systems on the LAN, and they also appear to
>> originate from the eth0:3 interface.  On the other hand, I've tried
>> ssh via an IPSec VPN tunnel to our private network here, and the IP
>> address comes back as eth0.
>> 
>> Why would outgoing connections and replies appear to originate from
>> the aliased interface instead of from eth0?
>
>can you provide the ip/mask?

I thought that was in the ifconfig output I attached to the original
message.  In any case I'm attaching it again.  In any case, eth0 is the
lowest IP address, and all the others have the same netmask.

BTW:  The reason for multiple IP addresses here is to support multiple
djbdns servers which need to be accessible from other systems on the LAN
and across a VPN from our customer's site to ours where both are doing
split-horizon DNS for public and private DNS space.

>Generally, you'll see this not as an IP/interface problem, but as a
>route problem.  The kernel picks the first route (generally the smallest
>mask, i.e., least generic, most specific route) that gets the packet to
>the host.  Look at your routing table.  I'll bet a virtual beer the
>route being used is the first match in your routing table (and if your
>masks are not identical, this will be the "smallest" mask).

I've attached ``netstat -rn'' output as well (I prefer Mackeson's stout --
the kind sold in the U.K. not the version sold here :-).

>To solve the problem, make eth0 your smallest mask and your aliases your
>larger masks.
>
>Now if your masks are the same, it goes in order from lowest network
>number to the highest.  Solution is the same, manipulate which interface
>gets which IP to make eth0 (not eth0:3) the first one.

Isn't that what we have here?

Bill
--
INTERNET:   bill at Celestial.COM  Bill Campbell; Celestial Software LLC
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

Government spending?  I don't know what it's all about.  I don't know
any more about this thing than an economist does, and, God knows, he
doesn't know much.
		-- Will Rogers
-------------- next part --------------
eth0      Link encap:Ethernet  HWaddr 00:02:55:7C:E9:31  
          inet addr:192.168.254.3  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          RX packets:163969377 errors:1 dropped:0 overruns:0 frame:1
          TX packets:121893031 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          Interrupt:27 Base address:0x2000 

eth0:0    Link encap:Ethernet  HWaddr 00:02:55:7C:E9:31  
          inet addr:192.168.254.13  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          Interrupt:27 Base address:0x2000 

eth0:1    Link encap:Ethernet  HWaddr 00:02:55:7C:E9:31  
          inet addr:192.168.254.14  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          Interrupt:27 Base address:0x2000 

eth0:2    Link encap:Ethernet  HWaddr 00:02:55:7C:E9:31  
          inet addr:192.168.254.15  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          Interrupt:27 Base address:0x2000 

eth0:3    Link encap:Ethernet  HWaddr 00:02:55:7C:E9:31  
          inet addr:192.168.254.16  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING PROMISC MULTICAST  MTU:1500  Metric:1
          Interrupt:27 Base address:0x2000 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:3924  Metric:1
          RX packets:8518928 errors:0 dropped:0 overruns:0 frame:0
          TX packets:8518928 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 

-------------- next part --------------
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
192.168.254.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0
127.0.0.0       0.0.0.0         255.0.0.0       U         0 0          0 lo
0.0.0.0         192.168.254.8   0.0.0.0         UG        0 0          0 eth0

More information about the Linux-users mailing list