[7818] in North American Network Operators' Group


interface defaults again (Re: BGP announcements and small providers )

daemon@ATHENA.MIT.EDU (Paul A Vixie)
Tue Feb 25 16:26:43 1997

To: nanog@merit.edu
In-reply-to: Your message of "Tue, 25 Feb 1997 12:53:49 PST."
             <199702252053.MAA29077@kumr.lns.com> 
Date: Tue, 25 Feb 1997 13:23:58 -0800
From: Paul A Vixie <paul@vix.com>

> Knowing that NSPs are filtering /24s, how does an Internet Content
> Provider (ICP) with just a /24 (all that is needed) that is wishing
> to be dual-homed see all of the net?

Why even use a /24?  Here is a "netstat -nr" from an interface default
client, which has an RFC1597 private network for its content server and a
BSD/OS 2.1 squid accelerator front-ending it.

	Destination      Gateway            Flags     Refs     Use  Interface
	default:de1      137.39.63.225      UGS         1        0  de1
	default:de2      204.74.120.1       UGS         1        0  de2
	default          137.39.63.225      UGS      1523 15365222  de1
	127              127.0.0.1          UGRS        0        0  lo0
	127.0.0.1        127.0.0.1          UH         11     6482  lo0
	137.39.63.224/27 link#2             UC          0        0  de1
	137.39.63.225    0:0:c:35:29:a0     UHL         1      307  de1
	137.39.63.227    0:0:f8:1:a5:8e     UHL         0       16  de1
	137.39.63.228    0:a0:24:94:5b:e9   UHL         0        3  de1
	137.39.63.255    link#2             UHL         0        1  de1
	192.168.1        link#1             UC          0        0  de0
	192.168.1.1      0:0:f8:2:b3:66     UHL         1       20  lo0
	192.168.1.2      8:0:69:2:65:e7     UHL         2   793220  de0
	192.168.1.255    link#1             UHL         1      206  de0
	204.74.120/27    link#3             UC          0        0  de2
	204.74.120.31    link#3             UHL         0        1  de2
	224/8            link#1             UC          0        0  de0

The diffs are all PD and should apply OK against other BSDish systems.  I
gave a more detailed talk about this at SF NANOG.  The diffs are also quite
short.

	% ftp ftp.vix.com
	ftp> cd pub/vixie/ifdefault
	ftp> ls
	-rw-rw-r--  1 716  ten  1731 Jan 31 06:15 ifconfig-diffs
	-rw-rw-r--  1 716  ten  5386 Jan 31 05:59 kernel-diffs
	-rw-rw-r--  1 716  ten  3696 Jan 31 06:23 netstat-diffs

You also need to set up a "socket" forwarder for things you want to be
handled by the private-net device:

  telnet  stream  tcp  nowait nobody /usr/libexec/tcpd socket 192.168.1.2 23
  other-ssl stream tcp nowait nobody /usr/libexec/socket socket 192.168.1.2 145

There's a small amount of sendmail.cf work needed to masquerade as the private
host and relay mail between the different address spaces.
