# Virtual... alias...



## Seeker (Jul 7, 2009)

I am connected to internet through vr0 device.
DHCP does it all.
It's netmask gives me a lot of publicly available IP's

I've set in rc.conf, 2 aliases of it.
Like: ifconfig_vr0_alias0="...."
It worked!

But I wana that device(vr0), to have only one IP assigned through DHCP, by ISP.

So I would like to create virtual device and hook to it, about 20 IPs.
That is..., it's sole purpose(newly created virtual device), is to hold those IPs, nothing else.
This will also make configuring my PF firewall rules easy.
Finally, those IP's are intended for Apaches Virtual servers(IP bassed, of course).

Now, is this a good idea?
If yes, then how do I create that virtual device.
Thank in advance.


----------



## Seeker (Jul 9, 2009)

After having a sleep (can you believe that amazing power of sleep, after which unsolvable problem becomes a joke ï¿½e), I just remembered that there already is that kind of device.
*lo0*
I've hooked IP's to it.
Like: ifconfig_lo0_alias0="...."

They are fully "pingable"

Now to try to use them, with apache... :stud


----------



## Seeker (Jul 16, 2009)

I need a help...
They are fully "pingable" ,but NOT from the outside world!

My vr0 device always get assigned IP A.B.208.173 subnet: 255.255.252.0

This should mean that I can use A.B.208.1 to A.B.211.254

I would like to have:
A.B.209.1
A.B.209.2
A.B.209.3

How do I do it?


----------



## SirDice (Jul 17, 2009)

Check with your ISP and see if they are actually forwarding those IPs to you.


----------



## Seeker (Jul 17, 2009)

Since I am not an expert of networking, I've made a big wrong assumption.

My PC is conected to the optical fiber router, trough ethernet.
That ethernet device get assigned always a same IP
IP A.B.208.173 subnet: 255.255.252.0

I thought, that according to subnet I have 1022 IP's at my hands, to choose from.
Actually, my ISP is the one that has 1022 IP's at disposal and gave me a one IP, that is A.B.208.173

My inadequate knowledge of subneting misled me.
I thought that subnet 255.255.255.255 would be clear, but as it was 255.255.252.0, I thought there is 1022 IP's for me.
Duh! What a waste of time.

Additionally, how would I get a packet of IP's if I wanted?
Where do I buy/lease them.

And a...
What is a comand line tool for:
If eth device's IP is NOT A.B.208.173 then send me a warning email to...


----------



## aragon (Jul 17, 2009)

As SirDice pointed out, a lot depends on what your ISP is doing.  The correct way to get more IP addresses would be to ask your ISP for more.  The naughty way would be simply to try alias another IP onto your vr0 interface in the same IP range and see if they're pingable from outside.

You can't just buy/lease IP addresses on your own.  Firstly, you need to be an ISP who can justify it to your local numbering authority.  Secondly, they're not cheap, and never sold in batches smaller than /22.  Thirdly, even after you get an IP block, you have to convince your upstreams and peers to route traffic to it over your connection.  More to the point, if you want more IP addresses, you have to ask your ISP.

To answer your last question, write a crontab(5) script.


----------



## Seeker (Jul 17, 2009)

aragon said:
			
		

> ...The naughty way would be simply to try alias another IP onto your vr0 interface in the same IP range and see if they're pingable from outside.


Tried as showed above and nada! :\



			
				aragon said:
			
		

> You can't just buy/lease IP addresses on your own.  Firstly, you need to be an ISP who can justify it to your local numbering authority.  Secondly, they're not cheap, and never sold in batches smaller than /22.  Thirdly, even after you get an IP block, you have to convince your upstreams and peers to route traffic to it over your connection.  More to the point, if you want more IP addresses, you have to ask your ISP.


Is interception and gun in theirs mouth convincing enough? )



			
				aragon said:
			
		

> To answer your last question, write a crontab(5) script.


Is there already written script. to download...
If not I'll write one in php.


Anyway, I have an idea!
Concentrate now carefully...
My friend mentioned to put switch on ethernet(to get more IPs) instead connecting directly to ethernet.

NOW! I am going to leave conection as is fiber optic router to ethernet on my pc.
Now I've figured out that in order to get an IP and be reachable from the outside world I need to initiate DHCP request.
Good thing: Once assigned IP is constant.
Bad thing: I can not choose IP.
I can live with that.
*
Exactly here we come to the point where I need your help.*

Faking switch...
Other device in my PC(for example lo0), get alliased IP's BUT not by ME, how I did that at the begening of this post.
but by DHCP -> only that way those IP's will be reachable from outside world

Now what I need to do? :stud


----------



## aragon (Jul 17, 2009)

Well, it depends how their DHCP is setup.  If their DHCP server is blindly handing out IP addresses, you could probably just keep requesting IP addresses from it and manually alias all the IPs it hands out to your interface.  You might have to mess with altering your interface's MAC address so that it looks like a different system though.

What happens if you plug two PCs into another switch, and then connect that switch to your ISP line?  Does each PC get their own IP address from the ISP?


----------



## Seeker (Jul 17, 2009)

aragon said:
			
		

> What happens if you plug two PCs into another switch, and then connect that switch to your ISP line?  Does each PC get their own IP address from the ISP?



I don't have a switch, but can tell you that ISP's fiber optic router has another etherent port for another PC.
So that is a strong indication that ISP's DHCP is more than ready to spit out, at least one more IP :beergrin



			
				aragon said:
			
		

> ... you could probably just keep requesting IP addresses from it and manually alias all the IPs it hands out to your interface. ...



Now this is to what we will stick from now...
*Before:* I've aliased IP to lo0 interface
*After:* DHCP will alias IP to lo0 interface

Now, how is DHCP manualy being made??
I guess I need to say which interface is requesting --> alias of lo0?
# dhcclient lo0

```
ifconfig ioctl (SIOCAIFADDR): File exists
lo0: not found
exiting.
```


----------



## Seeker (Jul 18, 2009)

Just to say that my ethernet device is vr0

Should I create virtual vr1
I tried but:
ifconfig vr1 create
has failed

ifconfig lo1 create
Worked!
But # dhcclient lo1
hasn't worked
Help please


----------



## SirDice (Jul 20, 2009)

You cannot use DHCP on lo0 (or lo1). lo0 is the loopback interface.


----------



## Seeker (Jul 20, 2009)

Yes I know.
Do you understand what is a point of this post?
Creating some virtual device or MODIFYING lo0 *in a way* that utilizing dhclient on it, would yield a new IP to it, from my ISP.
Or *doing something* to the vr0 that is already getting IPs from my ISP via DHCP, *BUT*, holds new IP like aliased to it(vr0)

Here I really need a help from someone more experienced :stud


----------



## aragon (Jul 20, 2009)

Try if_bridge(4).


----------



## Seeker (Dec 16, 2009)

I've figured out, that my ISP's DHCP server leases IP based on interface mac address.
Ie:

I connected my laptop to ethernet and I always get a same IP for laptop
And when I connect my server back to ethernet, I always get back it's IP which it has for around a year.

Now, while server is connected on ethernet (vr0) interface, I would like to alias another artificial mac address, upon which my ISP's DHCP server would lease another IP address, which would be aliased to vr0.
So vr0 would end with 2 IPs

Anyone has any experience with this?


----------



## phoenix (Dec 16, 2009)

AFAIK, you can't run DHCP client more than once per physical NIC.


----------



## Seeker (Dec 16, 2009)

Then I have to create virtual ethernet device, with it's own MAC.
But it must somehow be linked to main vr0, as they will query a same DHCP server.

How to do it?


----------



## Seeker (Dec 21, 2009)

Does *anyone* understands, what am I asking here, or what I would like to achieve?!

I have *real/physical* vr0 device, with *real/physical* MAC and with command

```
# dhclient vr0
```
vr0 gets leased IP from my ISP.
*NOW!*
I wana create virtual ethernet device and set it's MAC address, in a way, that when I issue (I will act like I talk about xy0)

```
# dhclient xy0
```
I get my mother fu.cking leassed IP from my mother fu.cking ISP to my mother fu.cking xy0 virtual interface. 
Which would results in 2 leased IPs.
One to vr0 and one to xy0, both publicly available.


----------



## aragon (Dec 21, 2009)

Did you bother trying if_bridge(4)?


----------



## DutchDaemon (Dec 21, 2009)

Seeker said:
			
		

> Does *anyone* understands, what am I asking here, or what I would like to achieve?!



You're trying to steal an extra public IP address from your ISP, right? I'm pretty sure most ISPs have something in place to hand out no more than one simultaneous DHCP IP over any physical connection. I'm not sure which mechanism your ISP uses to govern your physical connection (ATM, PPPoA, PPPoE, MPLS, some tunnel, some encapsulation, whatever), but I'm pretty sure it has a unique and individual tag/marker/label on it somewhere that prevents the DHCP system from handing out multiple IP addresses over the same physical connection. I'm pretty sure that this can't be outsmarted by simply manipulating MAC addresses or cloning interfaces. There is no security whatsoever in MAC addresses, and every ISP knows that. You getting the same IP address on a specific MAC address is a matter of _convenience_, not of _security_.


----------



## Seeker (Dec 21, 2009)

I did not tried if_bridge, but am on a _good way_ wit *tap*

I can also tell you, that ISP's fiber optic router in my home has another ethernet port for another PC.
So that is a strong indication that ISP's DHCP is more than ready to spit out, at least one more IP!

Now bassed on that *VERY strong inidcation*..., let's continue.

I wana my one physical ethernet device to split into / create two virtual interfaces, attached to that one physical, so each could have it's own lease from my ISP.

I wana recieve two DHCP leases to the same box. :stud


```
# dhclient some_device0 
DHCPDISCOVER on tap0 to 255.255.255.255 port 67 interval 6
...
```
should work..


----------



## DutchDaemon (Dec 21, 2009)

You will likely get a NAT address on that spare ethernet port. There are plenty of DSL modems out there with four ethernet ports, and all of them will do NAT when a public IP address is either on the modem itself or on a machine behind the modem (bridged). I have my public IP bridged to my server behind the DSL modem, and whatever I plug into that modem will get an RFC1918 address, NAT'ed to the public IP address (yes, even though that public IP address is on my server, the modem will still do NAT to that public IP address). 

Unless your ISP is very much asleep at the wheel, I give you zero chance of a second public IP address on the same physical connection. The technology to prevent that was already in place over a decade ago on dial-up modem banks and the early DSL/cable equipment (Cisco, Redback, DOCSIS stuff, etc.), and in software (RADIUS, TACACS). Enforcing a "one account, one IP address" policy is not rocket science; it never was. 

I'm pretty sure that your DHCP requests do not actually travel all over that /22 network (I'm in a /16, and I never see DHCP requests from anyone else, luckily), but that they are in some way relayed or translated by the equipment on either side of the physical connection, turning a broadcast DHCP request into a 'unicast' IP address request based on your account details and your current MAC address (the latter for convenience only). 

And then it's simple: "This account already has an IP address associated with it, so we'll ignore further DHCP requests until that IP address has been returned to the DHCP pool, and then he'll get the same IP address on the same MAC address, or a new IP address on a changed MAC address, but never both."


----------



## Seeker (Dec 21, 2009)

Ok, ok..., let me put that, this way:
We are going to ignore a fact that:


> ...then it's simple: "This account already has an IP address associated with it, so we'll ignore further DHCP requests until that IP address has been returned to the DHCP pool, and then he'll get the same IP address on the same MAC address, or a new IP address on a changed MAC address, but never both."


and act like "ISP is very much asleep at the wheel", that is..., they have some nasty hard core crack party prior to christmas. 

Now, as I know very little about networking and am very unfamiliar with many networking terms(which makes, hard for me, to read man pages related to virtual devices, bridging, etc...), give me a syntax for task I wish to achieve. 

So, when I initiate:

```
# dhclient some_device0
```
It must be ensured, that it's request does reach my ISPs DHCP server and not for a reques,t to roam inside my box, getting nothing, as there is no DHCP server installed.


----------



## phoenix (Dec 21, 2009)

There is, currently, no way to do what you want, with FreeBSD.  (Been down this road with Telus, it's a pain.)

You cannot set multiple virtual MAC addresses on physical NICs, which means you can't run dhclient more than once per physical NIC.

Just put another NIC in the box, and be done with it.


----------



## Seeker (Dec 21, 2009)

phoenix said:
			
		

> Just put another NIC in the box, and be done with it.


Well, here is my new virtual ethernet NIC:

```
tap0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 00:bd:17:59:c7:00
```

Now, how to convince it, to query ISP's DHCP server for new IP???
Physical ethernet device *vr0*, does exactly that!


----------



## Seeker (Dec 22, 2009)

Guys! You are totally NOT helping me at all! That is so lame!

Here is a new setup:

This is my *real* device vr0:

```
# ifconfig vr0
vr0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC> metric 0 mtu 1500
        options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
        ether 00:0b:6a:b8:d6:dc
        inet 82.x.x.173 netmask 0xfffffc00 broadcast 82.x.x.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
```
This is vlan device:

```
# ifconfig vlan0
vlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:cd:97:59:c2:fa
        inet 0.0.0.0 netmask 0xff000000 broadcast 255.255.255.255
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
        vlan: 1834 parent interface: vr0
```
As you can notice *ether* is different + I've set vr0 into promisc mode.

Now, _dhclient_ *worked* on vr0 but *not* on vlan0:

```
# dhclient vlan0
DHCPDISCOVER on vlan0 to 255.255.255.255 port 67 interval 4
DHCPDISCOVER on vlan0 to 255.255.255.255 port 67 interval 10
DHCPDISCOVER on vlan0 to 255.255.255.255 port 67 interval 13
DHCPDISCOVER on vlan0 to 255.255.255.255 port 67 interval 19
DHCPDISCOVER on vlan0 to 255.255.255.255 port 67 interval 15
No DHCPOFFERS received.
No working leases in persistent database - sleeping.
```

_Attention!_
It is irrelevant, will ISP's DHCP, spit out, additional IP, or not( _in which case, DutchDaemon was right_ ).
What I wana achieve, is *TO GET REPLY (positive OR negative) from ISP's DHCP server* when I initiate dhclient on vlan0 device!


----------



## J65nko (Dec 22, 2009)

Your ISP's DHCP didn't give an DHCP offer for the vlan device. You can interpret that as a NO


----------



## Seeker (Dec 22, 2009)

O yeah?
And what, when I boot, without DHCP entry, in rc.conf.
So there is no lease for *any* device.

Then I initiate dhclient on vlan0 and get nothing.
After that, I initiate dhclient on vr0 and get IP from ISP's DHCP.

How come? No matter if ethers are same, of vr0 and vlan0, or not!


----------



## aragon (Dec 22, 2009)

Seeker said:
			
		

> Guys! You are totally NOT helping me at all!


On the contrary, you're simply ignoring some of us.


----------



## Seeker (Dec 22, 2009)

aragon said:
			
		

> On the contrary, you're simply ignoring some of us.


Am I? 
I would call that skipping to longer answers, if one is super short:


			
				aragon said:
			
		

> Did you bother trying if_bridge(4)?


Tell me...
How would I apply bridge here and what would I achieve?
Bridiging 2 interfaces..., which?
vr0 and... ?


----------



## aragon (Dec 22, 2009)

Seeker said:
			
		

> I would call that skipping to longer answers, if one is super short:


Skipping, ignoring - doesn't matter what you call it or why you do it, the effect is the same isn't it?



			
				Seeker said:
			
		

> How would I apply bridge here and what would I achieve?


Create the bridge, add vr0 and that's all.  Run dhclient against vr0 and again against bridge0.  You should get an IP address on each...

The trick now is splitting the traffic between them.


----------



## Seeker (Dec 22, 2009)

aragon said:
			
		

> Skipping, ignoring - doesn't matter what you call it or why you do it, the effect is the same isn't it?


I do it, because information is not useful to me, as it is too ambiguous.


			
				aragon said:
			
		

> Create the bridge, add vr0 and that's all.  Run dhclient against vr0 and again against bridge0.  You should get an IP address on each...
> 
> The trick now is splitting the traffic between them.


Oooo, I see.
I thought I must have *at least 2 devices*(real or virtual) in order to form a *bridge0*.
Ok, I will test it then.


----------



## aragon (Dec 22, 2009)

Seeker said:
			
		

> I do it, because information is not useful to me, as it is too ambiguous.


The best answers are those that make you think for yourself. 

Hope it works.  FWIW, it works here with my dhcp server...


----------



## phoenix (Dec 22, 2009)

Seeker said:
			
		

> Guys! You are totally NOT helping me at all! That is so lame!



That's because you refuse to read and comprehend what we are writing.  What you want to do is not possible.  It's as simple as that.

In order to run mutiple dhclient processes, you *MUST* have multiple physical NICs.  What's so hard to understand?  (I've yet to see a setup that can get two separate IPs via DHCP on the same physical NIC.)

As for your new setup, it will not work.  Why?  Because you have completely misunderstood what 802.1q vLANs are.  Without support from the ISP and all the switches/routers between you and your NIC, using vlans will not work.

As I mentioned before, just put a second NIC in the box and be done with it.


----------



## Seeker (Dec 22, 2009)

aragon said:
			
		

> The best answers are those that make you think for yourself.
> 
> Hope it works.  FWIW, it works here with my dhcp server...



Weeeehooo! :e
It works! Kind of... 
I get another *public* IP

Bad thing is... I simply can't access outside world anymore as soon as bridge0 gets leased IP. 


```
# ifconfig bridge0
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 96:a4:7e:77:df:04
        inet 82.a.b.61 netmask 0xfffffc00 broadcast 82.a.b.255
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vr0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 2 priority 128 path cost 200000
```

Now you said something about that _"trick now is splitting the traffic between them"_.


----------



## Seeker (Dec 22, 2009)

phoenix said:
			
		

> ...In order to run mutiple dhclient processes, you *MUST* have multiple physical NICs.


I believe[d] that I *MUST* have multiple NICs.
But, that it doesn't matter are they *physical* or *virtual*, as long as they behave in a _same manner_ and they have unique ethernet address.


			
				phoenix said:
			
		

> What's so hard to understand?  (I've yet to see a setup that can get two separate IPs via DHCP on the same physical NIC.)


When it comes to NICs, I believe, that to _the other side_, *physical* and *virtual* NICs, are completely *indistinguishable*.

Is my assumption correct? :stud



			
				phoenix said:
			
		

> As for your new setup, it will not work.  Why?  Because you have completely misunderstood what 802.1q vLANs are.  Without support from the ISP and all the switches/routers between you and your NIC, using vlans will not work.


I have absolutely(almost), no idea what are you talking about?!? P


			
				phoenix said:
			
		

> As I mentioned before, just put a second NIC in the box and be done with it.


I have no second spare physical NIC.


----------



## aragon (Dec 23, 2009)

Seeker said:
			
		

> Bad thing is... I simply can't access outside world anymore as soon as bridge0 gets leased IP.


Use tcpdump(1) to figure what is going wrong.

Feel free to paste [CMD=]netstat -rn[/CMD] and [cmd=]ifconfig vr0[/cmd].


----------



## Seeker (Dec 23, 2009)

```
# ifconfig vr0
vr0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2808<VLAN_MTU,WOL_UCAST,WOL_MAGIC>
        ether 00:0b:6a:b8:d6:dc
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
```
I've figured out, that at the beginning, when no device has been set IP.
First one, on which I will initiated dhclient, _wins_.
Meaning that I will use that IP.
Second dhclient call on second device yields new IP, BUT mess up routing table as I've figured out. In red is one being messed up:

```
Destination        Gateway            Flags    Refs      Use  [color="Red"]Netif[/color] Expire
```
So it gets fixed when I initiate dhclient again on first device.

But I am sure that I can do it manually now, with route command to edit Netif

Anyway... all this hassle is because I wana more IPs for Apaches IP bassed virtual hosts and each requires dedicated IP or ssl won't work on named virtual hosts.

Also, this doesn't work in rc.conf:

```
ifconfig_vr0="up"
cloned_interfaces="bridge0"
ifconfig_bridge0="ether 96:a4:7e:77:df:04 addm vr0 DHCP"
```
At boot time bridge0 doesn't query ISP's DHCP server for new IP, but it does when I do it manually


----------



## Seeker (Dec 27, 2009)

Oh my god! Oh my god!
Ooooh...., my...., god! 

I've figured out, that this won't work, for a very simple reason.
*Last IP request, wins!!*

So, I can use this only to spoof MAC, nothing more.

I feel so depressed now that I am hitting a road, to have some serious binge!
And to break some bones 



			
				aragon said:
			
		

> ...
> Hope it works.  FWIW, it works here with my dhcp server...


Hm..., up to which extent?


----------



## phoenix (Dec 27, 2009)

If you compare the IPs, the netmasks, and the default route after each dhclient run, which parts differ?

I'm guessing you are getting IPs in two separate subnets, with two separate defaute routes, which is why the last dhclient run works (it sets the default route to be the one that corresponds to the last IP set).

Unless you get 2 IPs in the same subnet, with the same default route, this won't work -- without some additional trickery.

If you are building a firewall, and want to have 2 public IPs to use for NAT, then you can use IPFW rules to balance traffic across the IPs.  You could probably use setfib and vimage as well.  But it's a bit hairy to set up.


----------



## aragon (Dec 27, 2009)

Seeker said:
			
		

> Hm..., up to which extent?


Well, I get two IP addresses, both of which I can use, but unfortunately the source MAC address doesn't follow the source IP address of the related interface.  Source MAC is always that of the interface that is set in the routing table.  It might be possible to have source IP and source MAC match each other with a pf route-to rule, but I never tested this.


----------



## Seeker (Dec 27, 2009)

phoenix said:
			
		

> If you compare the IPs, the netmasks, and the default route after each dhclient run, which parts differ?


Everything is same(*IPs, the netmasks, and the default route*) expect Netif field from [CMD="netstat "]-rn[/CMD]

```
Destination        Gateway            Flags    Refs      Use  [B][color="DarkRed"]Netif[/color][/B] Expire
```

_Both IPs have a same netmasks and the default route
_
I didn't tested it thoroughly, but skipped to other test.
That is: (*OK* means internet accessible, *FAIL* means internet inaccessible)

Ethernet cable plugged in server and did dhclient vr0 - OK
Unplugged cable from server
Ethernet cable plugged in laptop and did dhclient bge0 - OK
Unplugged cable from laptop
Ethernet cable plugged in server - FAIL
Unplugged cable from server
Ethernet cable plugged in laptop - OK
Unplugged cable from laptop
Ethernet cable plugged in server and did dhclient vr0 - OK
Unplugged cable from server
Ethernet cable plugged in laptop - FAIL

Because of this, I think that ISP has a table, that holds 1 IP for my physical connection, which gets overwritten with new IP entry, as soon as IP is being leased, thus previos ignored and not routed by ISP



			
				aragon said:
			
		

> Well, I get two IP addresses, both of which I can use...


How do you define IP that you _can use_?
For me, in this context, that means publicly accessible.


			
				aragon said:
			
		

> ..., but unfortunately the source MAC address doesn't follow the source IP address of the related interface.  Source MAC is always that of the interface that is set in the routing table.  It might be possible to have source IP and source MAC match each other with a pf route-to rule, but I never tested this.


I skipped _hardcore_ testing and did one from above, without bridge if, for now.


----------



## aragon (Dec 28, 2009)

Seeker said:
			
		

> How do you define IP that you _can use_?
> For me, in this context, that means publicly accessible.


Depends what you're trying to do, and there's more than one way.  Most daemon/server software lets you configure which IP address to listen on, so it's just a matter of configuring it as such, eg. Apache:


```
Listen <ip>:<port>
```

Some user/client software lets you configure what address to bind to, eg.


```
ping -S <src> <dst>
```

Finally there is libalias(3) or pf(4), but these should usually be a last resort IMHO.


----------

