Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
then i proceeded to test this, setting a browser to use proxy on the 3 IPs. going to ipchicken.com or whatismyip.com, i expected to get the 3 distinct IPs to show. instead, these services give me an IP which is the IP of the server, the one really bound to the ethernet device not just as a virtaul interface. and the IP that is showing is not among the 3 i use.
is this normal behavior if you use virtual interfaces? or am i missing something in the proxy configuration?
http_port 192.168.1.2:3128 192.168.1.3:3129 192.168.1.4:3130
Those are LAN IP addresses which are only valid in traffic between your machine and your first-hop router, not out on teh intarweb. Then a proxy routes traffic by it's set address and would never show addresses it proxies for unless the X-forwarded-for header is set, AFAIK.
Also, note that whatsmyip and similar services will only give you one IP and it will generally be the IP of the interface that has the default route in your routing table. (Unless you specifically configure your software to bind locally to another interface, but that's beyond the scope of this document).
hi guys, thanks for the reply. i am only using the private IPs above as an example. for security reasons, i am not gonna post the public IPs i am using on this forum. sorry if i wasn't very clear above, but i am using live public IPs for proxy.
also, this server only has 1 physical interface. the rest are virtual interfaces.
would you please elaborate a bit on that binding thing. maybe give me a few hints so i can search it on Google. i have not encountered this on my googling so far and would love to learn about this approach.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
a) Hiding IPs for "security" reasons is useless, especially when the IPs are public! You get hit with more automated scans per day than any single person could begin to compete with by directly targeting your hosts. If there's an exploit out there, you're going to be hit with it eventually. Security by Obscurity is worthless. All you do is end up confusing and frustrating people who are trying to help you. Please use real IPs and domain names when submitting problems, it will help the rest of us solve your issue more quickly.
b) When a machine with multiple IPs opens a new outbound connection, it's always going to use the primary address on the NIC that the route goes out.
Normally, a client application (like a web browser) tells the operating system to "open a connection to A.B.C.D, port 80". If you write it differently, you can explicitly say "open a connection to A.B.C.D, port 80, from local connection E.F.G.H, port X". This is done by performing a bind() system call before the connect() call. (In reality, if you do connect() without bind first, connect does its own internal bind(), but you have no control over that).