On Tue, 20 Jul 2004, James W. McKeand wrote:

> Not without VLAN support - which is in 1.1b16 - and an infrastructure that
> can support 802.1Q VLANs.

Not quite - see below.

> From: Alex Bihlmaier [mailto:thalunil at kallisti dot de] 
> Sent: Tuesday, July 20, 2004 3:40 PM
> James W. McKeand wrote:
> 
> > Alias in the Firewall section is for creating placeholders for IP address.
> > So if you change the IP of a host, you do not have to edit all the 
> > rules associated with the host, just edit the alias. Take a look at 
> > the note on the Alias page.
> > 
> > Can you separate your IP networks to two physical networks by moving 
> > one IP network to a separate switch/hub? Are you using managed network 
> > gear that will allow you to create segments (I think this is the
> definition of VLAN)?
> 
> Ah. Aliases is not an IP Aliasing. Okay, so no problem.

Yes, unfortunate choice of terminology. :-)

> Is there no there possibility to assign multiple IPs to the LAN interface
> (except the /exec.php stuff with ifconfig <int> ip alias)

There is also a mechanism for executing shell commands at startup by
putting them in a <shellcmd></shellcmd> item in the <system> section of
config.xml.  You can use this to add aliases to *statically* configured
interfaces (which the LAN interface currently *must* be), though I haven't
tried it.  But I wouldn't expect it to work for dynamically configured
interfaces, since I don't think the kernel likes to see aliases before the
primary address is set.

Doing this sort of thing more generally would require the ability to
execute specified command(s) when a given interface comes up, i.e. after
dhclient or mpd if necessary.

I recommend testing any command you intend to put there via exec.php
first, since if you put something in the config that screws it up, it may
be a hassle to undo.

					Fred Wright