Extra IP's, PPPOE & Linux and Bridging mode


alexs
01-12-2003, 09:25 AM
Hi

Not sure if this has been discussed or if this is the right group but it seems to be the place to start.

My plans


+----------+            +-----------+         +------------+
|  DSLAM   | ========== |  NB 1300  | --------| Linux (Me) |
+----------+            +-----------+         +------------+


Currently I have 1 IP. I use a Netcomm 1300 in bridged mode. I run Debian GNU/Linux with PPPoE.

Right now I have a p-t-p setup

202.154.115.130 peer 202.154.95.169/32

Now how are Swiftel/Telstra planning on doing this?

Will I get 202.154.115.128/30? What is going to be the other side, what will be my peer address?


Or will I get
202.154.115.128 peer 202.154.95.169/32
202.154.115.129 peer 202.154.95.169/32
202.154.115.130 peer 202.154.95.169/32
202.154.115.131 peer 202.154.95.169/32

I would really like to get use of all the 4 addresses, so my plans or thoughts are to either

a) Proxy-arp 3 of the addresses through to another 3 machines

b) bridge 3 other interfaces to pppoe interface

I am thinking of (b), I have more experience in this area.

I am presuming my peer address is not going to be in the addresses range given to me.

Any thoughts, any one else done this ?

sticky_chicken
01-12-2003, 10:42 AM
Hi

Not sure if this has been discussed or if this is the right group but it seems to be the place to start.

My plans


+----------+            +-----------+         +------------+
|  DSLAM   | ========== |  NB 1300  | --------| Linux (Me) |
+----------+            +-----------+         +------------+


Currently I have 1 IP. I use a Netcomm 1300 in bridged mode. I run Debian GNU/Linux with PPPoE.



I have currently


+----------+            +-----------+         +------------+    +-------+
|  DSLAM   | ========== |  NB 3300  | --------|   Linux    | -- |  PC   |
+----------+            +-----------+         +------------+    +-------+


With a /30 allocation in addition to my static IP.

The output of my ifconfig is:

sporran[~]ifconfig
eth0 Link encap:Ethernet HWaddr 00:60:67:01:88:8B
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1613827 errors:0 dropped:0 overruns:0 frame:0
TX packets:1367797 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1412609887 (1347.1 Mb) TX bytes:195679959 (186.6 Mb)
Interrupt:9 Base address:0xf000

eth0:1 Link encap:Ethernet HWaddr 00:60:67:01:88:8B
inet addr:218.214.4.xxx Bcast:218.214.4.255 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0xf000

eth0:2 Link encap:Ethernet HWaddr 00:60:67:01:88:8B
inet addr:218.214.4.xxx Bcast:218.214.4.255 Mask:255.255.255.255
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:9 Base address:0xf000

eth1 Link encap:Ethernet HWaddr 00:A0:0C:C2:88:6C
inet addr:10.0.0.1 Bcast:10.0.0.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5416788 errors:0 dropped:0 overruns:0 frame:0
TX packets:3908113 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2437505587 (2324.5 Mb) TX bytes:2327411411 (2219.5 Mb)
Interrupt:9 Base address:0xd400

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:2803835 errors:0 dropped:0 overruns:0 frame:0
TX packets:2803835 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1393904531 (1329.3 Mb) TX bytes:1393904531 (1329.3 Mb)

ppp0 Link encap:Point-to-Point Protocol
inet addr:218.214.0.xxx P-t-P:202.154.95.173 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1492 Metric:1
RX packets:725305 errors:0 dropped:0 overruns:0 frame:0
TX packets:593764 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:614840274 (586.3 Mb) TX bytes:86732388 (82.7 Mb)



Right now I have a p-t-p setup

202.154.115.130 peer 202.154.95.169/32

Now how are Swiftel/Telstra planning on doing this?

Will I get 202.154.115.128/30? What is going to be the other side, what will be my peer address?



I wouldn't worry about what your peer address is going to be. Swiftel will route the /30 to your static IP. The entry will be something like ip route x.x.x.x 255.255.255.252 your.static.ip.address


Or will I get
202.154.115.128 peer 202.154.95.169/32
202.154.115.129 peer 202.154.95.169/32
202.154.115.130 peer 202.154.95.169/32
202.154.115.131 peer 202.154.95.169/32



See above. You can set up /32 address on your linux box as I have



I would really like to get use of all the 4 addresses, so my plans or thoughts are to either

a) Proxy-arp 3 of the addresses through to another 3 machines

b) bridge 3 other interfaces to pppoe interface

I am thinking of (b), I have more experience in this area.

I am presuming my peer address is not going to be in the addresses range given to me.

Any thoughts, any one else done this ?

You're not going to be able to use 4 addresses out of a /30 allocation no matter how you try. That's the way VLSM (variable length subnet masks) work - when you take away the network and broadcast addresses, you're left with 2 usable.

alexs
01-12-2003, 11:34 AM
You know I never thought they would leave me with my original ip. Always miss the things right in front of me



I wouldn't worry about what your peer address is going to be. Swiftel will route the /30 to your static IP. The entry will be something like ip route x.x.x.x 255.255.255.252 your.static.ip.address


See above. You can set up /32 address on your linux box as I have




You're not going to be able to use 4 addresses out of a /30 allocation no matter how you try. That's the way VLSM (variable length subnet masks) work - when you take away the network and broadcast addresses, you're left with 2 usable.


Okay what about doing p-t-p routing from the outside interface to 4 individual machines and they have default route back along dev eth0.

(is that clear?)

sticky_chicken
01-12-2003, 12:33 PM
Originally posted by alexs
You know I never thought they would leave me with my original ip. Always miss the things right in front of me


Okay what about doing p-t-p routing from the outside interface to 4 individual machines and they have default route back along dev eth0.

(is that clear?)

I think I understand what you're asking - can you do a little diagram so that I'm 100% certain?

Remember, that if you want 4 devices to have public IP addresses, you're going to need a /29 allocation, which will give you 6 usable addresses.

Is this what you're trying to do?

alexs
01-12-2003, 12:48 PM
Originally posted by sticky_chicken
I think I understand what you're asking - can you do a little diagram so that I'm 100% certain?

Remember, that if you want 4 devices to have public IP addresses, you're going to need a /29 allocation, which will give you 6 usable addresses.

Is this what you're trying to do?


Hey looks good, the router is a Linux box and yes I want 4 usable machines. No I don't want a broadcast or network address and I don't want to pay for a /29

My thoughts were, just to clarify my last post.

a.a.a.a is my current /32 static ip

b.b.b.1
b.b.b.2
b.b.b.3
b.b.b.4

are the 4 extra ip's

In the same way as 2 /32 are used to setup the link from the dslam to my machine, I will (going to try) to setup a point to point setup to the other machines

sticky_chicken
01-12-2003, 12:58 PM
Hey looks good, the router is a Linux box and yes I want 4 usable machines. No I don't want a broadcast or network address and I don't want to pay for a /29



Bear in mind that I don't work for swiftel, but as a networking professional, I suspect this is how the routing would be:

On the swiftel router:

ip route x.x.x.x 255.255.255.252 (i.e /30) a.a.a.a (where a.a.a.a is your current IP address).

By doing this, they are routing the /30 subnet to you.

At your end, you can have two /32 entries, as I did, or you can allocate the /30 to a device - either way, unfortunately there is no way (that I'm aware of) where you can use all 4 addresses out of a /30 subnet


My thoughts were, just to clarify my last post.

a.a.a.a is my current /32 static ip

b.b.b.1
b.b.b.2
b.b.b.3
b.b.b.4

are the 4 extra ip's

In the same way as 2 /32 are used to setup the link from the dslam to my machine, I will (going to try) to setup a point to point setup to the other machines

The way you route those IP addresses once they hit your LAN is entirely up to you, but I know that - again unless there's another way that I don't know of - you will only be able to use 2 out of the 4 addresses from the /30 allocation.

Not to be rude, but why do you want more addresses? I use mine for 2x nameservers - the rest run off the 1 static address I got and I use NAT/Masquerading for my devices on the LAN that require access to the rest of the world.

alexs
01-12-2003, 02:04 PM
Originally posted by sticky_chicken


--snip---

On the swiftel router:

ip route x.x.x.x 255.255.255.252 (i.e /30) a.a.a.a (where a.a.a.a is your current IP address).

By doing this, they are routing the /30 subnet to you.

agree

--snip---

The way you route those IP addresses once they hit your LAN is entirely up to you, but I know that - again unless there's another way that I don't know of - you will only be able to use 2 out of the 4 addresses from the /30 allocation.


Yeah, why can't I make it a ptp link, same way as the ADSL link is? Notice your pppoe IP address is a /32, why not be able to route 4 IPs directly to the end machines? They don't need to broadcast on the localnet.



Not to be rude, but why do you want more addresses? I use mine for 2x nameservers - the rest run off the 1 static address I got and I use NAT/Masquerading for my devices on the LAN that require access to the rest of the world.


It has become a challenge, which I think I can solve, just curious if other people have tried.

sticky_chicken
01-12-2003, 02:35 PM
--snip---


Yeah, why can't I make it a ptp link, same way as the ADSL link is? Notice your pppoe IP address is a /32, why not be able to route 4 IPs directly to the end machines? They don't need to broadcast on the localnet.

It has become a challenge, which I think I can solve, just curious if other people have tried.


Ok, you have a ppp link already established either from your modem or if you're using it as a bridge, with Roaring Penguin or some other app.

So now you want to have ppp connections from all 4 boxes on your LAN to where? If I understand what you're saying, then this is what you're after?

The Swiftel router needs to be told where to send packets for your /30 allocation right? Because the /30 allocation is provided from an even larger block, say a /23 or a /22 you're still going to lose out as soon as the route is added at Swiftel's end because of the way VLSMs work.

Please don't think that I'm being condescending towards you, I'm just working it out with you :)

So, here's a very simplified summary:


Swiftel will advertise (most likely via BGP) the IP address space it owns in a summarised manner e.g. for 218.214.0.0 - 218.214.3.255 would be advertised as 218.214.0.0/22 on their border routers.

As traffic that is destined to an IP address out of that range from the outside world hits the Swiftel routers, an internal routing protocol (say OSPF) handles the routing until it hits your gateway. From there, your router decides how it is going to forward the traffic that is destined to your /30 allocation, and because of the manner in which the routing up to the point it reaches your gateway/router has been summarised, you're only going to be able to effectively use 2 out of the 4 addresses.

Once you send any traffic back out to the internet with a source address that's say the broadcast address of your /30 allocation, it ain't gonna work. The very best you could expect is that the packets will go out, but won't know how to return to a host rather than a broadcast.

alexs
01-12-2003, 03:04 PM
Originally posted by sticky_chicken
Ok, you have a ppp link already established either from your modem or if you're using it as a bridge, with Roaring Penguin or some other app.

So now you want to have ppp connections from all 4 boxes on your LAN to where? If I understand what you're saying, then this is what you're after?

The Swiftel router needs to be told where to send packets for your /30 allocation right? Because the /30 allocation is provided from an even larger block, say a /23 or a /22 you're still going to lose out as soon as the route is added at Swiftel's end because of the way VLSMs work.

Please don't think that I'm being condescending towards you, I'm just working it out with you :)

So, here's a very simplified summary:


Swiftel will advertise (most likely via BGP) the IP address space it owns in a summarised manner e.g. for 218.214.0.0 - 218.214.3.255 would be advertised as 218.214.0.0/22 on their border routers.

As traffic that is destined to an IP address out of that range from the outside world hits the Swiftel routers, an internal routing protocol (say OSPF) handles the routing until it hits your gateway. From there, your router decides how it is going to forward the traffic that is destined to your /30 allocation, and because of the manner in which the routing up to the point it reaches your gateway/router has been summarised, you're only going to be able to effectively use 2 out of the 4 addresses.

Once you send any traffic back out to the internet with a source address that's say the broadcast address of your /30 allocation, it ain't gonna work. The very best you could expect is that the packets will go out, but won't know how to return to a host rather than a broadcast.

Don't worry not taking this personally.

just got my addresses
168
169
170
171

I understand how the netmask gets smaller and smaller. But how does the Swiftel router know that 168 is a network address or that 171 is the broadcast address?

By your logic above, somebody in the USA sends me a packet from say 1.2.3.4 to a.b.c.168 (my network address), their packet would not make it to my Linux box. Once it has made it there I can, from Linux, do a routing rule like

ip route add a.b.c.168/32 dev XXXX

where XXXX could be eth0 or eth4, the packet would make it to the wire and the box on the end of it would receive the packet. No one along the way has done anything special to the packet, it has been routed unchanged all the way.

The tricky thing is the way back, the machine has its IP address set to a.b.c.168/32 with a default route out the dev eth0 (or whatever device is connected to the same wire)

That should work.

Haven't played with BGP, but I have played with OSPF; as far as I remember none of the definitions say to not route the network or the broadcast addresses.

I guess the synopsis is that all packets destined for my /30 will reach my Linux box unchanged, how I then route them on is the tricky thing

alexs
02-12-2003, 09:42 AM
Okay I think I have a working solution

I tested this with a UML running on my Linux box but this could be extended out to a normal network


So my linux box has

4 ips 9.9.9.8/30

ppp0 - ADSL (1.1.1.1)
tap0 - Connection UML0 (192.168.4.1 scope link)
tap1 - Connection UML1 (192.168.4.1 scope link)
tap2 - Connection UML2 (192.168.4.1 scope link)
tap3 - Connection UML3 (192.168.4.1 scope link)
eth0 (UML0) (9.9.9.8/32)
eth0 (UML1) (9.9.9.9/32)
eth0 (UML2) (9.9.9.10/32)
eth0 (UML3) (9.9.9.11/32)


on the linux box
ip route add 9.9.9.8/32 dev tap0
ip route add 9.9.9.9/32 dev tap1
ip route add 9.9.9.10/32 dev tap2
ip route add 9.9.9.11/32 dev tap3

On uml0
ip route add default via 1.1.1.1 dev eth0

On uml1
ip route add default via 1.1.1.1 dev eth0

On uml2
ip route add default via 1.1.1.1 dev eth0

On uml3
ip route add default via 1.1.1.1 dev eth0

Note the 192.168.4.1 was just any non-routable IP address, I could have used 1.1.1.1 but this screwed up my ipsec stack 8(

This should extend out to proper ethernet links, but my guess is that you would need to have a linux box on the end, not sure how windows would handle this.

Grunthos
21-01-2004, 12:46 PM
as (yet another) network analyst/engineer/etc .....

if you look at your p-t-p setup you should get an idea that you can use and route all of those /32's (1 route for each on your router/linux box) that will leave the same interface. as has been mentioned, tho, i haven't seen this used on MS OS's ... should work tho .... *ponder*


-Grunthos (the route monkey)
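
The per-address routing from the 02-12-2003 post, generalized as an added example (not code from any poster in the thread): it expands any routed /24 to /32 block into one /32 host route per address, first and last address included, and reports how many addresses the same block yields when configured as a single broadcast subnet. The `tap` interface prefix and the 9.9.9.8/30 block are the post's placeholders; the function names are made up for this example.

```shell
#!/bin/sh
# Added example: expand a routed IPv4 block into per-address /32 host routes.
# "tap" and 9.9.9.8/30 are the post's placeholders; function names are made up.

ip2int() {  # dotted quad -> integer
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

int2ip() {  # integer -> dotted quad
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Addresses left when a /LEN block is configured as one broadcast subnet:
# network and broadcast are reserved, except in /31 and /32 blocks.
subnet_usable() {
    size=$(( 1 << (32 - $1) ))
    if [ "$size" -le 2 ]; then echo "$size"; else echo $(( size - 2 )); fi
}

# Print "ip route add <addr>/32 dev <ifprefix><n>" for every address in CIDR,
# first and last address included, as in the 9.9.9.8 - 9.9.9.11 setup.
host_route_plan() {
    cidr=$1; ifprefix=$2
    base=${cidr%/*}; len=${cidr#*/}
    case $len in ''|*[!0-9]*) echo "bad prefix length: $len" >&2; return 1;; esac
    [ "$len" -ge 24 ] && [ "$len" -le 32 ] || { echo "expected /24 to /32" >&2; return 1; }
    size=$(( 1 << (32 - len) ))
    start=$(ip2int "$base")
    # A base address that is not on the block boundary is a typo, not a block.
    [ $(( start % size )) -eq 0 ] || { echo "$base is not a /$len boundary" >&2; return 1; }
    i=0
    while [ "$i" -lt "$size" ]; do
        echo "ip route add $(int2ip $(( start + i )))/32 dev ${ifprefix}${i}"
        i=$(( i + 1 ))
    done
}

host_route_plan 9.9.9.8/30 tap      # the block used in the post
echo "usable as a broadcast /30: $(subnet_usable 30)"
```

The script only prints the commands; review the plan before running it as root on the router.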