
loopback subnet access by virtual instance NOT allowed

We are working on a new version of our ETM application which requires and assumes full access to the 127.0.0.0 subnet on the AXP virtual instance.

Namely, we use specific addresses such as:

127.0.0.2
127.0.0.86
127.0.50.*

for inter-process communication.

We just loaded it on AXP and these all fail except 127.0.0.2. Reading the terse description in the devel guide I see that 127.0.0.2 is assigned to the instance by the host and the rest of LO is off limits!

We need to BIND application sockets and have communication to/from the above addresses.

We are running our applications with full capabilities:
 
@CCAPABILITIES=
UTSNAME
RLIMIT
RAW_ICMP
SYSLOG
SECURE_MOUNT
@BCAPABILITIES=
SYS_NICE
NET_ADMIN
SYS_TIME
NET_RAW
IPC_LOCK
SYS_BOOT
@PROCFS=
/proc/sys/net/ipv4/ip_forward
0
@MODULES=
ip_tables.ko
iptable_filter.ko
 
We have made assumptions that LO was wide open on AXP since it's running a vanilla CentOS 5.2 and NET_ADMIN was set.

Is there any mechanism to enable socket on these addresses? If not, we are in a bit of a disaster scenario here since it seems that LO is now locked down big time. I've tried everything. We assumed using NET_ADMIN gave us full rights to network mgt.!
 
-J

Hi Jacek,

Please provide additional detail regarding the failure you are experiencing along with your steps for usage. Are you trying to create the desired interfaces as well via the CLI?

There is a special privilege that we provide and is mentioned in our Advanced Features Guide called "CISCO_ADVANCED_NET_ADMIN". This flag is entered into your capabilities file as shown below. This capability will allow you to have full network control and to create interfaces, but they must be done via the Linux environment using ifconfig.

@CISCO_FLAGS=
CISCO_ADVANCED_NET_ADMIN


Thanks,

Brett

In Linux it is not explicitly required to create lo subinterfaces because applications can bind to any 127/8 address with no issue.

I understand AXP managed lo differently at the host level which prevents this function.

So, I was trying to use ifconfig to create subinterfaces and received

SIOCSIFFLAGS: Cannot assign requested address

in all cases which prompted me to open this issue here.

I will try the AXP CLI as well as your proposed solution.

Creating subinterfaces under the lo subnet via the AXP CLI is not supported.

Jacek,

If you are still having issues connecting to the 127 network IPs on AXP after installing/upgrading your application with the suggested privilege please send over the tech-support logs.

Thanks,

Brett
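
A bind probe for the loopback addresses named in the thread, as an added example that is not part of any post or of the AXP documentation. It separates "address not present in this instance" (EADDRNOTAVAIL, the errno behind the "Cannot assign requested address" text quoted above) from a privilege denial; the function names are hypothetical and 127.0.50.1 is an assumed stand-in for 127.0.50.*.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind a TCP socket to addr on a kernel-chosen port.
 * Returns 0 on success, errno on failure, -1 if addr is not IPv4 text. */
int probe_bind(const char *addr)
{
    struct sockaddr_in sa;
    int fd, err = 0;

    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;          /* sin_port stays 0: ephemeral port */
    if (inet_pton(AF_INET, addr, &sa.sin_addr) != 1)
        return -1;
    if ((fd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
        return errno;
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0)
        err = errno;
    close(fd);
    return err;
}

/* Map the probe result to what it says about the instance. */
const char *explain(int rc)
{
    switch (rc) {
    case 0:             return "bind ok";
    case -1:            return "not an IPv4 address";
    case EADDRNOTAVAIL: return "address not local to this instance";
    case EACCES:
    case EPERM:         return "denied by privilege or policy";
    default:            return strerror(rc);
    }
}

int main(void)
{
    /* Addresses from the post; 127.0.50.1 is an assumed stand-in for 127.0.50.* */
    const char *targets[] = { "127.0.0.2", "127.0.0.86", "127.0.50.1" };
    size_t i;
    for (i = 0; i < sizeof targets / sizeof targets[0]; i++)
        printf("%-12s %s\n", targets[i], explain(probe_bind(targets[i])));
    return 0;
}
```

Running it inside the virtual instance before and after a capabilities-file change shows which addresses became bindable.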