The NETALIAS patch makes it feasible to have a very large number of IP addresses on one box by making it possible to configure a CIDR network block onto an interface in one go. The additional NETBIND feature allows a program to bind a socket to one of these network aliases.

The patch should be applied to a FreeBSD system with the command

    patch -p0 < netalias-netbind.patch

You need to add ``options NETALIAS'' and ``options NETBIND'' to the kernel configuration file and recompile the kernel. You also need to recompile any userland utilities that depend on struct inpcb, in particular systat, netstat, and fstat (and also ipfilter). This can be done with (for example)

    cd /usr/src/usr.bin/systat
    make all install clean

This must be done even if you only use the NETALIAS functionality because struct inpcb is changed unconditionally. You don't need to do any special compile-time definitions.

After rebooting, network aliases can be configured as follows:

    ifconfig lo0 inet 192.168.0.0 netmask 255.255.0.0 alias

Commentary:

The NETALIAS patch has four components:

(1) A change to ifa_ifwithaddr() in net/if.c that allows an address to match an alias on an interface if the alias is a network address (i.e. zero outside the netmask) and the address is within the network (i.e. equal to the alias when masked by the netmask).

(2) A change to netinet/ip_input.c that allows destination addresses on input packets to match a netaliased interface. (This is simpler than the change to if.c because it does not need to deal with the general form of struct sockaddr.)

(3) A similar change to icmp_reflect() in netinet/ip_icmp.c that makes ping work with netalias.

(4) A couple of changes to netinet/in.c that make the automatic addition and deletion of routes work by loosening the assumption that all aliases on the loopback interface only need host routes. (We usually bring up the netaliases on the loopback interface to avoid problems with ARP. XXX: Does ARP work at all with a netaliased physical interface?)

The first three parts were originally implemented by Ronald Khoo <ronald@demon.net> for NetBSD 1.0. The latter change was added by me for cosmetic reasons when I ported the changes to FreeBSD 3.0.

The NETBIND patch has three components:

(1) A change to struct inpcb in netinet/in_pcb.h so that it includes a netmask. It is initialised to INADDR_BROADCAST (i.e. 0xFFFFFFFF) in in_pcballoc() in netinet/in_pcb.c. [Note that /usr/src/sys/netinet/in_pcb.h must be installed into /usr/include/netinet/in_pcb.h, and that netstat, systat, and fstat must all be recompiled so that they know of the change to the struct inpcb.]

(2) When an address is bound to a socket, in_pcbbind() in netinet/in_pcb.c checks if the interface address is a netalias, and if so it copies the netmask into the protocol control block.

(3) When a protocol control block corresponding to an incoming packet is looked up, in_pcblookup_hash() only checks for a match within the netmask. (This is normally the same as complete equality because of the default netmask, but matches any address in the network for a netbound socket.)

The NETBIND functionality was implemented by me.
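The matching rules described in the report above (NETALIAS component 1 and NETBIND components 2 and 3), modelled in user-space C as an added example; this is not code from the patch or from the original report. Addresses are in host byte order, and the function names and the IP() macro are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical helper: dotted quad to host-order 32-bit value. */
#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                        ((uint32_t)(c) << 8) | (uint32_t)(d))
#define HOSTMASK 0xFFFFFFFFu /* INADDR_BROADCAST, the default pcb netmask */

/* An alias is a network alias only if it is zero outside its netmask. */
static int is_netalias(uint32_t alias, uint32_t mask)
{
    return (alias & ~mask) == 0;
}

/* NETALIAS (1): a netalias matches any address inside its network;
 * an ordinary alias (host bits set) still needs exact equality.
 * With a /32 mask both branches reduce to exact equality. */
static int alias_matches(uint32_t alias, uint32_t mask, uint32_t addr)
{
    if (is_netalias(alias, mask))
        return (addr & mask) == alias;
    return addr == alias;
}

/* NETBIND (2): mask recorded in the pcb when the socket is bound. */
static uint32_t bind_mask(uint32_t alias, uint32_t mask)
{
    return is_netalias(alias, mask) ? mask : HOSTMASK;
}

/* NETBIND (3): the lookup compares only the bits inside the pcb mask. */
static int pcb_matches(uint32_t laddr, uint32_t pcbmask, uint32_t dst)
{
    return (dst & pcbmask) == (laddr & pcbmask);
}

int main(void)
{
    uint32_t net = IP(192, 168, 0, 0), mask = IP(255, 255, 0, 0);
    uint32_t pm = bind_mask(net, mask);

    printf("192.168.37.9 matches alias:  %d\n",
           alias_matches(net, mask, IP(192, 168, 37, 9)));
    printf("192.169.0.1 matches alias:   %d\n",
           alias_matches(net, mask, IP(192, 169, 0, 1)));
    printf("netbound pcb gets 192.168.200.1: %d\n",
           pcb_matches(net, pm, IP(192, 168, 200, 1)));
    return 0;
}
```

A socket bound this way accepts traffic for every address in the block, so a listener inventory on such a host has to read the bound address together with its mask.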
Responsible Changed
From-To: freebsd-bugs->fanf

Originator is a committer now.

State Changed
From-To: open->suspended

Mark suspended as this one doesn't seem like it's being actively worked on.

The ipfw fwd feature supports most of the functionality of NETALIAS, so this bug can be closed. See also http://fanf.livejournal.com/124030.html