-1

In a point-to-point tunnel, I was able to have the same IP twice. It looks like a bug; I think it might be related to some internal representation of the netmask. It can be reproduced with the steps below.

I created a tun tunnel like this:

    ip tuntap add dev tun3 mode tun user alice group alice
    ip address add 10.8.0.1 peer 10.8.0.2/32 dev tun3

I listed the address:

    $ ip address list dev tun3
    …
    inet 10.8.0.1 peer 10.8.0.2/32 scope global tun3
    …

As you see, there seems to be no netmask associated with 10.8.0.1. But ifconfig reports /32:

    $ ifconfig tun3
    …
    inet 10.8.0.1  netmask 255.255.255.255  destination 10.8.0.2
    …

If I use iproute2 to add the same address 10.8.0.1/32, there is no error; the address is added and then listed.

    # ip address add 10.8.0.1/32 dev tun3
    $ ip address list dev tun3
    …
    inet 10.8.0.1 peer 10.8.0.2/32 scope global tun3
    …
    inet 10.8.0.1/32 scope global tun3
    …

The question is, why? I was expecting a:

    RTNETLINK answers: File exists

In case you wonder why I would try this, I was trying to help with this question.

Eduardo Trápani

1 Answer

-2

Instead of using ifconfig for IP assignment, you could stick to using ip from the iproute2 package. Its manual describes this quite clearly:

man ip-address: "…

peer ADDRESS the address of the remote endpoint for pointopoint interfaces. Again, the ADDRESS may be followed by a slash and a decimal number, encoding the network prefix length. If a peer address is specified, the local address cannot have a prefix length. The network prefix is associated with the peer rather than with the local address.

…"

poige
  • That has nothing to do with it. I updated the steps to reproduce it, sticking to `iproute2` and the additional address is listed anyway. It seems the local ip address of the tunnel is somehow _netmask-less_. – Eduardo Trápani Jan 14 '20 at 15:25
  • That has everything to do with that. It's explained in the manual itself: "local address cannot have a prefix length". – poige Jan 14 '20 at 15:27
  • Please read the _full_ quote in your answer. You cannot have a prefix length **because** _the network prefix is associated with the peer rather than with the local address._ I might be wrong, but it looks to me like the local address does have a network prefix, related to that of the peer. What is it, a /32? If yes, I should not be able to duplicate the address. If not a /32, which one then? – Eduardo Trápani Jan 14 '20 at 15:36
  • "Please read the full quote in your answer" — so you've started reading manuals. I welcome that. ;) – poige Jan 14 '20 at 15:45
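
The rule quoted from the manual and argued over in the comments, as a small C model added here (not code from the post, from iproute2 or from the kernel). It assumes an address entry is stored as local, address (the peer when one is given) and mask, with the prefix applied to the peer; the struct, the function names and the duplicate rule itself are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model of one IPv4 address entry on an interface. */
struct addr_entry {
    uint32_t local;   /* address owned by this host */
    uint32_t address; /* peer address if given, otherwise equal to local */
    uint32_t mask;    /* netmask from the prefix length */
};

static uint32_t ip4(unsigned a, unsigned b, unsigned c, unsigned d)
{
    return ((uint32_t)a << 24) | ((uint32_t)b << 16) | ((uint32_t)c << 8) | d;
}

static uint32_t prefix_mask(unsigned len)
{
    return len ? 0xFFFFFFFFu << (32 - len) : 0; /* avoid shifting by 32 */
}

/* Models "ip address add LOCAL peer PEER/LEN": the prefix goes with the peer. */
static struct addr_entry with_peer(uint32_t local, uint32_t peer, unsigned len)
{
    struct addr_entry e = { local, peer, prefix_mask(len) };
    return e;
}

/* Models "ip address add LOCAL/LEN": no peer, so address equals local. */
static struct addr_entry plain(uint32_t local, unsigned len)
{
    struct addr_entry e = { local, local, prefix_mask(len) };
    return e;
}

/* Assumed rule: duplicate only if mask, masked address and local all match. */
static int is_duplicate(const struct addr_entry *old, const struct addr_entry *cand)
{
    return old->mask == cand->mask &&
           ((old->address ^ cand->address) & cand->mask) == 0 &&
           old->local == cand->local;
}

int main(void)
{
    struct addr_entry tun = with_peer(ip4(10, 8, 0, 1), ip4(10, 8, 0, 2), 32);
    struct addr_entry extra = plain(ip4(10, 8, 0, 1), 32);
    printf("second add rejected as duplicate: %s\n",
           is_duplicate(&tun, &extra) ? "yes" : "no");
    return 0;
}
```

Under this model the two entries from the question differ in the address field (10.8.0.2 against 10.8.0.1) even though local and mask are identical, so the second add is not treated as a duplicate.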