Re: Solaris and lack of loopback routes

From: Chris A. Mattingly (chris.mattingly@interpath.net)
Date: 08/06/02


Date: Tue, 06 Aug 2002 12:28:39 -0400
From: "Chris A. Mattingly" <chris.mattingly@interpath.net>
To: Jon <warchild@spoofed.org>


Jon wrote:
>
> (reposted)
>
> On Tue, Jul 30, 2002 at 05:12:45PM -0400, Chris Mattingly wrote:
> > On FreeBSD, there is no route for the 127/8 network, but the stack
> > actually pays attention to the fact that lo0 has a netmask for the
> > entire /8 network, and traffic to any 127 address stays within the lo0
> > interface (never shows up on any of the other three physical
> > interfaces).
>
> Just to satisfy my curiosity, I dropped the loopback network route and
> changed the netmask of my loopback device to be 255.255.255.0 on my linux
> box (I don't have a Solaris box available at the moment). Still, all
> traffic bound for the loopback network was sent over the loopback device.
> This may be a linux specific feature that I'm not familiar with. Does a
> similar test on a Solaris box yield different results?

On Solaris, here's the breakdown:

o With a netmask of 255.0.0.0 and no routes for the 127/8 network,
  Solaris sends 127/8 traffic (except 127.0.0.1 for which there
  is a host route) out the "default" interface. It should not do
  this if it paid attention to the netmask on lo0.

o With a netmask of 255.0.0.0 and a specific route for 127/8, Solaris
  pays attention to the route and traffic for 127/8 IP addresses is
  not seen on the "default" interface.

o With a netmask of 255.255.255.0 and no specific route, Solaris
  still does the same as the first scenario -- all 127/8 traffic
  goes out the default interface.

o With a netmask of 255.255.255.0 and a specific route, Solaris
  behaves and follows the "demand" of the route statement.

So what it's boiling down to is that Solaris doesn't care what
the netmask is of the lo0 interface. Only when there is a
specific route in place will traffic stay on lo0 when it is
supposed to stay on lo0.

> > It's a good question as to why Solaris behaves in this manner...
>
> It's been bothering me on and off for some time now. Interestingly, it
> only bothers me when we get spam bombed and the mail gets old and
> moldy in the queue for 4 days...

In my experience, use of RBLs really helps reduce that problem. :)

-Chris
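
A check for the condition described in this message, as an added example that is not part of the original e-mail: it reads `netstat -rn` output and reports whether a 127/8 network route on lo0 is present or only the 127.0.0.1 host route. The function name, the result labels and both sample tables are constructed here, and the column layout (destination first, interface last) is an assumption about the local netstat output.

```shell
#!/bin/sh
# Added example: classify a routing table with respect to 127/8.
#   covered    - a 127.0.0.0 network route on lo0 exists
#   exposed    - no such route, but a default route exists (the case the
#                message reports as sending 127/8 out the default interface)
#   no-default - neither route exists (a case the message does not describe)
classify_loopback_routes() {
    awk '
        # Assumption: destination is column 1 and the interface is the last
        # column; the default route line may have no interface column.
        $1 == "127.0.0.0" && $NF ~ /^lo0/ { net = 1 }
        $1 == "default"                   { dflt = 1 }
        END {
            if (net)       print "covered"
            else if (dflt) print "exposed"
            else           print "no-default"
        }'
}

# Constructed sample: only the 127.0.0.1 host route, plus a default route.
sample_host_route_only() {
    cat <<'EOF'
Routing Table: IPv4
  Destination           Gateway           Flags  Ref   Use   Interface
-------------------- -------------------- ----- ----- ------ ---------
192.0.2.0            192.0.2.10           U         1     12  hme0
default              192.0.2.1            UG        1     34
127.0.0.1            127.0.0.1            UH        2    120  lo0
EOF
}

# Constructed sample: the same table with a 127/8 network route on lo0.
sample_with_net_route() {
    sample_host_route_only
    echo "127.0.0.0            127.0.0.1            U         1      0  lo0"
}

for s in sample_host_route_only sample_with_net_route; do
    printf '%s: %s\n' "$s" "$($s | classify_loopback_routes)"
done
```

On a live host the same function can be fed directly: `netstat -rn | classify_loopback_routes`.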
