OpenBSD Journal

[AskOBSDJ] Dynamic IP aliasing?

Contributed by Dengue on from the John-Lions-2002-Award-Winner dept.

Ray writes :
"I was just searching for OpenBSD on news.google.com when I found this:
< http://www.smh.com.au/articles/2002/11/07/1036308409764.html>. It seems interesting, but there's very little information in the article. Anyone know what Dynamic IP aliasing is all about? "
Whatever it's about, it was good enough to win a prize! Luke's thesis is available here: http://www.cse.unsw.edu.au/~lukem/thesis/ , and the press release from the Australian UNIX and Open Systems User Group (AUUG, Inc.) is here: http://www.auug.org.au/publications/press/lionsWinner2002.html .

(Comments are closed)


Comments
  1. By your mom () your@mom.com on mailto:your@mom.com

    Looks like this is an implementation of BSDI's undocument SO_BINDANY socket option for OpenBSD. Basically, it allows applications to receive packets
    for IP addresses that aren't already aliased to the machine. You will have to be receiving the packets (they have to be routed to you somehow, or you have to be the router for them). It is more or less a pointless option, when you can get the same effect without adding setsockopt() to your applications (and therefore without recompiling them) and just do ifconfig lo0 alias x.x.x.x netmask 255.255.255.255. Of course, you could have figured all this out from reading lukem's thesis and source code, but I guess when you wouldn't have been able to ask stupid quesitons online!

    Comments
    1. By ding () ding@bat.com on mailto:ding@bat.com

      There are no stupid questions, just stupid people, and you happen to be one of them.

      The dude had a perfectly valid question, no need to be wanker about it. I hope you contract some sort of unpleasant skin disorder.

      Comments
      1. By Noob () on

        I'm glad I wasn't the only one who felt that the previous comment was a bit harsh. Maybe true, but maybe providing the original comment in a more positive setting would have been better. I would hate for anyone to have a bad experience sharing something and then no longer feel the need to contribute because of a harsh comment towards them.

        Big deal things happen. :-)

  2. By Anonymous Coward () on

    It's kind of nasty, actually. This is a way to provide transparent content filtering, and I'd argue that content filtering should NOT be transparent - it should be negotiable between endpoints and the device doing the filtering. At the very least the endpoint to which the content is being delivered should be notified that someone is mucking with his data.

  3. By anonymous () on

    So far there hasn't been much comment about the actual capabilities of this code. I read the thesis, but not the code, so maybe I'm talking out my ass here, but I thought it was a pretty cool idea. Surely there are security applications for this code, aren't there?

    Comments
    1. By big daddy () poindextersmokingbiggreenbuds@darpa.mil on mailto:poindextersmokingbiggreenbuds@darpa.mil

      uhh, why not read the code? the kernel diff
      is like a whole 2k long. it would take about as long as it did for you to type this question.
      surely people can read, can't they??

  4. By Anonymous Coward () on

    you paranoid bastard :)

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]