Mailing List Message #9401
From: Michael A. Pasek <>
Subject: IP aliases (was Re: Blacklist automation)
Date: Sat, 3 Nov 2001 12:21:16 -0600
To: <>
On 11/2, Terry Allen <> wrote:

 [much stuff deleted]
Although I don't use OS X yet, I have had dealings with WebTen's
dual IP setup - have you tried pinging the second IP address from a remote
machine? Under normal circumstances, it's not possible to view 2 IP
addresses from the one ethernet interface on the machine that's running it,
but from another machine you can. So, the second IP might be working even
if you can't see it from the machine you're working on.

The reason you can't ping from the machine you're working on is because the
TCP/IP stack doesn't know it is _on_ the machine.  This is a matter of
telling the rest of the stack that it _is_ on the machine.  From my
experience with a variant of BSD, I'll try to explain how to get around
that problem.  Let's say your "native" IP address is, with
a netmask of  Let's take two cases:
  1) You want to add an alias of (i.e., in the same "network");
  2) You want to add an alias of (i.e., a different "network").


Case 1:
  To add the alias to interface "en0", type:
     ifconfig en0 add netmask
  To make it visible on "this machine", type:
     route add -host

Case 2:
  To add the alias to interface "en0", type:
     ifconfig en0 add netmask
  To make it visible on "this machine", type:
     route add -host

NOTES on the above:
  Case 1:
    The "netmask" specified on the ifconfig is redundant, and may result
    in an error message when (if) "ifconfig" attempts to add a route for
    the network (since that route was already added when the primary IP
    address was configured).  The netmask is redundant because it is the
    default netmask for that class (C) of IP address.
  Case 2:
    The "netmask" specified on ifconfig MAY be redundant.  If, in fact, the
    netmask _is_, then it is the default for that class (B)
    of IP address, then the netmask need not be specified.  If, however, the
    desired netmask is NOT, then the appropriate netmask must be
    specified so that "this" machine can reach the other machines that are
    attached via the configured interface and to prevent it from trying to
    ARP for machines that should be reached via gateways.

For both cases, it may be possible to specify the actual "primary" IP
address ( rather than the "local loopback" address (
on the "route add" statement, but I know that the local loopback worked
for me on the systems I was using.  Also, it is usually desirable to make
these additions at startup time, rather than manually "typing" them in as
I've indicated.  How this is done will vary, but I've usually done it
(again, in the BSD variant) by adding the statments to "/etc/rc.local".

Michael A. Pasek
Pasek Consulting, Inc.
9741 Foley Boulevard NW
Coon Rapids, MN  55433-5616
(612) 597-5977
Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster