[plug] Another network question (detailed answer plus bonus anecdote)
Leon Brooks
leon at brooks.fdns.net
Tue Jun 10 12:24:55 WST 2003
On Tue, 10 Jun 2003 11:51, Derek Fountain wrote:
> What does this do?:
> ifconfig lo:1 10.0.1.1
Type ifconfig and see.
It sets up an alias on your loopback interface to the address 10.0.1.1/8; this
means that traffic to 10.* will go to your loopback interface, and if it's to
10.0.1.1 then it'll be answered there, too.
This begs the question "what is the loopback interface?" It's a nonexistent
interface that every machine has. Addresses like 192.168.1.254 are assigned
not to *machines* but to *interfaces* like your ethernet card. The loopback
interface is a purely virtual one (no associated hardware) which every
machine should have, and should always carry the address 127.0.0.1/8.
One last network FAQ: 127.0.0.1/8 means that only the first 8 bits (the first
number, before the dot) are significant for routing. The corresponding
netmask, network address and broadcast addresses for this IP address are:
Netmask: 255.0.0.0
Network: 127.0.0.0
Broadcast: 127.255.255.255
To decide whether an address belongs in this network, it is logically ANDed
with the netmask and then compared with the network address. So 127.0.0.1 AND
255.0.0.0 == 127.0.0.0 but 192.168.1.254 AND 255.0.0.0 == 192.0.0.0 so is not
in that network. The broadcast address is conventionally the last address in
the network; you find it with "address OR NOT netmask".
This leads me to an anecdote: a friend of mine uses MS-Windows XP. One day,
his laptop spontaneously decided that the loopback interface should no longer
have a fixed address, but obtain one automatically (i.e., through DHCP if
possible, else pick one at random from the 169.254.0.0/16 network); so it
did.
There aren't many DHCP servers that listen to the loopback interface, can't
think why at the moment... anyway, it chose 169.254.blah.blah and many
networking applications promptly lost the plot as their "loopback" traffic
was no longer being answered at the loopback interface, but was instead
routed out onto the LAN to be hammered flat by his Linux gateway's
firewalling before it did any harm.
No worries, we decided (it took a while to figure out what had happened),
we'll set the address back to where it had been. Fixed address, no worries,
but it was still 169.254.blah.blah. 127.0.0.1? No, sorry, that's a reserved
address, you can't assign that to an interface. <whack!>
The way we solved it was through another MS-Windows XP bug: all traffic to the
loopback interface gets answered, even if it's to a nonexistent address. RFC?
What's an RFC? Oh... never mind, this is Microsoft we're dealing with.
We set the interface address to 127.0.0.2/8 and everything worked again.
As it turns out, this is also a useful trick for chaperoning RDP traffic
through a Linux firewall to an MS-Windows Terminal Server on the LAN behind
it. Set up PuTTY to forward a connection from local port 3389 to the LAN
address of the WTS box, port 3389, then fire up the WTS client and aim it at
127.0.0.2. No probs, Bob (other than the canonical/random MS-Win issues).
Cheers; Leon
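
Added example, not part of the original post: the AND / OR-NOT arithmetic described in the message, carried out on the addresses it mentions, plus a check for whether an address that is supposed to be loopback really falls in 127.0.0.0/8 or in the 169.254.0.0/16 auto-configuration range. The function names and the sample address 169.254.10.20 are constructed for illustration.

```python
LOOPBACK = "127.0.0.0/8"
LINK_LOCAL = "169.254.0.0/16"   # the automatic-address range from the anecdote

def to_int(addr):
    """Strict dotted quad -> 32-bit integer."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted quad: %r" % addr)
    value = 0
    for p in parts:
        value = (value << 8) | int(p)
    return value

def to_str(value):
    """32-bit integer -> dotted quad."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def split_cidr(cidr):
    """'a.b.c.d/n' -> (address as int, netmask as int)."""
    addr, prefix = cidr.split("/")
    bits = int(prefix)
    if not 0 <= bits <= 32:
        raise ValueError("bad prefix length: %r" % prefix)
    return to_int(addr), (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF

def describe(cidr):
    """Netmask, network (address AND netmask), broadcast (address OR NOT netmask)."""
    ip, mask = split_cidr(cidr)
    return {"netmask": to_str(mask),
            "network": to_str(ip & mask),
            "broadcast": to_str(ip | (~mask & 0xFFFFFFFF))}

def in_network(addr, cidr):
    """True if addr AND netmask equals the network address of cidr."""
    base, mask = split_cidr(cidr)
    return to_int(addr) & mask == base & mask

def classify(addr):
    """Flag addresses that will not be answered on a normal loopback interface."""
    if in_network(addr, LOOPBACK):
        return "loopback"
    if in_network(addr, LINK_LOCAL):
        return "link-local"
    return "other"

if __name__ == "__main__":
    print(describe("127.0.0.1/8"))
    for a in ("127.0.0.1", "127.0.0.2", "10.0.1.1", "169.254.10.20", "192.168.1.254"):
        print(a, classify(a), "in 10.0.1.1/8:", in_network(a, "10.0.1.1/8"))
```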