SUMMARY: virtual interfaces -- which one is used?

Sweth Chandramouli (sweth@astaroth.nit.gwu.edu)
Thu, 15 Jan 1998 11:09:19 -0500

my question is quoted at the bottom. thanks to andrew mitchell, joe
pruett, erwin fritz, and frank cusack. to clarify one thing that i didn't
mention in my original post, i'm running solaris 2.5.1, so the ip_group
functionality of 2.6 isn't a factor here. the general consensus was to use
netstat to see where packets were going; i did so, and discovered that they are
all listed as coming through hme0:0 (both using -i to see apckets passed, and
using -r to see the routing tables). i have even pinged one of the virtual
interfaces from another machine, but the packets received are all listed as
coming through hme0:0; i don't know if this means that netstat doesn't know how
to deal with virtual interfaces, or what.
some people suggested downing and then reactivating the interface i
wanted to be the active one; i tried it with hme0:2, but again, all packets sent
through it seem (in netstat) to be going through hme0:0. also, i can no longer
reproduce the problem where the machine is rejected from the machine with an
access list.
any other suggestions, or do i just give up?

-- sweth.

On Mon, Jan 12, 1998 at 02:13:00PM -0500, Sweth Chandramouli wrote:
> can someone help me with this virtual interface problem? i had two
> interfaces defined--hme0, and hme0:1--with different names in dns associated
> with them (foo.com and bar.com, say). all outgoing packets seemed to be
> associated with hme0, and hme0:1 was only used when an outside machine sent
> packets to bar.com (or the associated ip).
> i recently added a third interface--hme0:2--that has no corresponding
> entry in dns. now, when outgoing packets seem to be coming from that
> interface
> by default; i don't know of a direct way to check this, but when i try to
> telnet
> to a machine that has a hosts.allow file (that only has the ip associated with
> hme0 in it), i get a message saying that i am not allowed to connect from the
> ip
> associated with hme0:2. on the other hand, i can telnet to any machine
> without
> a hosts.allow, and when i finger the account on the remote machine, it lists
> me
> as being logged in from foo.com--which is the dns that corresponds to the ip
> associated with hme0. so my first question (i've got a bunch) is, is there
> some
> way to directly check which interface is being used for outgoing traffic? and
> second, assuming that traffic now is going out on hme0:2, why is the remote
> machine without hosts.allow showing me as being logged in from foo.com?
> third,
> is there a way to set the default interface that is used? (this was asked a
> while ago on the list, but i never saw an answer, and can't find a summary in
> the archives.) and fourth, is there a way to set an application-specific
> interface? (e.g. have the system default to using hme0, but specific
> invocations of certain apps use hme0:2.)
> i'll post a summary, of course, and am also thinking about making a
> virtual interface faq, since while searching in the archives for an answer to
> this, i found a lot of other useful info on virtual interfaces that it would
> be nice to have in one place. (if anyone else has other virtual interface
> info or questions they think should be included, let me know. for the
> questions, though, i may end up asking the list for more answers. :) )
>
> tia,
> sweth.

-- 
"Countin' on a remedy I've counted on before
Goin' with a cure that's never failed me
What you call the disease
I call the remedy"  -- The Mighty Mighty Bosstones