nanog mailing list archives

interface defaults again (Re: BGP announcements and small providers )


From: Paul A Vixie <paul () vix com>
Date: Tue, 25 Feb 1997 13:23:58 -0800

Knowing that NSPs are filtering /24s, how does an Internet Content
Provider (ICP) with just a /24 (all that is needed) that is wishing
to be dual-homed see all of the net?

Why even use a /24?  Here is a "netstat -nr" from an interface default
client, which has an RFC1597 private network for its content server and a
BSD/OS 2.1 squid accelerator front-ending it.

        Destination      Gateway            Flags     Refs     Use  Interface
        default:de1      137.39.63.225      UGS         1        0  de1
        default:de2      204.74.120.1       UGS         1        0  de2
        default          137.39.63.225      UGS      1523 15365222  de1
        127              127.0.0.1          UGRS        0        0  lo0
        127.0.0.1        127.0.0.1          UH         11     6482  lo0
        137.39.63.224/27 link#2             UC          0        0  de1
        137.39.63.225    0:0:c:35:29:a0     UHL         1      307  de1
        137.39.63.227    0:0:f8:1:a5:8e     UHL         0       16  de1
        137.39.63.228    0:a0:24:94:5b:e9   UHL         0        3  de1
        137.39.63.255    link#2             UHL         0        1  de1
        192.168.1        link#1             UC          0        0  de0
        192.168.1.1      0:0:f8:2:b3:66     UHL         1       20  lo0
        192.168.1.2      8:0:69:2:65:e7     UHL         2   793220  de0
        192.168.1.255    link#1             UHL         1      206  de0
        204.74.120/27    link#3             UC          0        0  de2
        204.74.120.31    link#3             UHL         0        1  de2
        224/8            link#1             UC          0        0  de0

The diffs are all PD and should apply OK against other BSDish systems.  I
gave a more detailed talk about this at SF NANOG.  The diffs are also quite
short.

        % ftp ftp.vix.com
        ftp> cd pub/vixie/ifdefault
        ftp> ls
        -rw-rw-r--  1 716  ten  1731 Jan 31 06:15 ifconfig-diffs
        -rw-rw-r--  1 716  ten  5386 Jan 31 05:59 kernel-diffs
        -rw-rw-r--  1 716  ten  3696 Jan 31 06:23 netstat-diffs

You also need to set up a "socket" forwarder for things you want to be
handled by the private-net device:

  telnet  stream  tcp  nowait nobody /usr/libexec/tcpd socket 192.168.1.2 23
  other-ssl stream tcp nowait nobody /usr/libexec/socket socket 192.168.1.2 145

There's a small amount of sendmail.cf work needed to masquerade as the private
host and relay mail between the different address spaces.
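
An added illustration, not part of the original message and not the `socket` program or the diffs it refers to: a minimal Python sketch of what an inetd-launched forwarder like the two entries above does, relaying one accepted connection to a host on the private net. The names `relay` and `demo` are hypothetical, and the loopback upper-casing server is a constructed stand-in for 192.168.1.2.

```python
import contextlib
import select
import socket
import threading


def relay(client, backend_addr, bufsize=4096):
    """Pump bytes both ways between `client` and a new TCP connection to
    backend_addr; return (bytes client->backend, bytes backend->client)."""
    backend = socket.create_connection(backend_addr)
    peer = {client: backend, backend: client}
    counts = {client: 0, backend: 0}
    live = [client, backend]
    try:
        while live:
            readable, _, _ = select.select(live, [], [])
            for src in readable:
                data = src.recv(bufsize)
                if data:
                    peer[src].sendall(data)
                    counts[src] += len(data)
                    continue
                # EOF on one side: stop reading it and pass the half-close on,
                # so the other direction can still drain.
                live.remove(src)
                with contextlib.suppress(OSError):  # peer may already be gone
                    peer[src].shutdown(socket.SHUT_WR)
    finally:
        backend.close()
    return counts[client], counts[backend]


def demo():
    """Constructed loopback run: an upper-casing server stands in for the
    private-net host, a socketpair for the connection inetd hands over."""
    srv = socket.create_server(("127.0.0.1", 0))

    def backend():
        conn, _ = srv.accept()
        with conn:
            while data := conn.recv(4096):
                conn.sendall(data.upper())

    threading.Thread(target=backend, daemon=True).start()
    outside, from_inetd = socket.socketpair()
    result = []
    addr = srv.getsockname()
    t = threading.Thread(target=lambda: result.append(relay(from_inetd, addr)))
    t.start()
    outside.sendall(b"hello\n")
    outside.shutdown(socket.SHUT_WR)
    reply = b"".join(iter(lambda: outside.recv(4096), b""))
    t.join()
    return reply, result[0]
```

Under inetd with `nowait`, the accepted connection arrives on file descriptor 0, so an entry point would wrap it with `socket.socket(fileno=0)` and pass that to `relay` together with the private host and port from the command line.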