If you've ever thought to yourself, "self, I'm going to borrow these public IP addresses which aren't mine and use them for my internal, natted network", well then let me set you straight. Don't do it. Disaster will strike at some point and the consequences will not be good. But if you do it anyway, don't expect me to feel sorry for you either.

Also, NAT sucks.

Despite what some simple Googling might imply, it's entirely possible to use a /32 as a netmask for an IP address on Linux. The important detail is that it can't be the primary IP address. That primary can be an RFC1918 address (i.e. nonrouteable on the Internet) but your default gateway needs to be able to route to you via something other than the /32.

Here's the setup. Assume a Cisco router on 192.0.2.1/24 and a Linux server on 192.0.2.2/24. The /32 we'll use is 192.0.3.1/32.

On the server:

ip addr add dev eth0 192.0.2.2/24
ip addr add dev eth0 192.0.3.1/32

On the router:

interface FastEthernet0/1
ip address 192.0.2.1 255.255.255.0
ip route 192.0.3.1 255.255.255.255 192.0.2.2

At this point, you should be able to ping both 192.0.2.2 and 192.0.3.1 from the router.

The other step you may need to take is to add some routing on the Linux server to source from the 192.0.3.1 address. Normally traffic that is received on that IP will reply with that IP, so that's fine, but for new traffic if you want the source to be the /32, you'll need a special route:

ip route add 10.0.0.0/8 via 192.0.2.1 src 192.0.3.1

See, I told you it was easy.

Video of me at the Utah Open Source Conference from last year. I do sound a bit nervous, but nowhere as nervous as I actually felt. Looks like it turned out pretty well. I do apologize to whomever it was I hit in the head with flying candy.

Networking 101

I will be presenting at the Utah Open Source Conference (UTOSC) again this year. On tap are 3, count 'em, 3 presentations. I'm still not quite sure what possessed me to submit 3 abstracts but I did and (just to spite me I think) they accepted all of them.

Refer to the schedule for any last minute changes but for now here are the times I'm speaking.

• Oct 08, 3:00 p.m. Networking 101
• Oct 08, 7:15 p.m. Are you ready for IPv6
• Oct 10, 11:00 a.m. Introduction to Perl for scripting

Hope to see you there.