From owner-freebsd-current Tue Aug 8 09:17:02 1995 Return-Path: current-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.11/8.6.6) id JAA04582 for current-outgoing; Tue, 8 Aug 1995 09:17:02 -0700 Received: from server.netcraft.co.uk (server.netcraft.co.uk [194.72.238.2]) by freefall.cdrom.com (8.6.11/8.6.6) with ESMTP id JAA04550 ; Tue, 8 Aug 1995 09:16:56 -0700 Received: (from paul@localhost) by server.netcraft.co.uk (8.6.11/8.6.9) id RAA04464; Tue, 8 Aug 1995 17:16:26 +0100 From: Paul Richards Message-Id: <199508081616.RAA04464@server.netcraft.co.uk> Subject: Re: workaround for talk's address problem To: wollman@halloran-eldar.lcs.mit.edu (Garrett Wollman) Date: Tue, 8 Aug 1995 17:16:25 +0100 (BST) Cc: paul@FreeBSD.ORG, pete@puffin.pelican.com, current@FreeBSD.ORG In-Reply-To: <9508081503.AA02688@halloran-eldar.lcs.mit.edu> from "Garrett Wollman" at Aug 8, 95 11:03:20 am Reply-to: paul@FreeBSD.ORG X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit Content-Length: 3412 Sender: current-owner@FreeBSD.ORG Precedence: bulk In reply to Garrett Wollman who said > > < said: > > > When in_pcbconnect gets called, I think what's happening is that the > > decision about the local addr is made by ifa_ifwithnet, since the > > destination address is an ip address aliased on this host it finds > > an ifaddr struct that has a match and it returns that as the local > > address. > > Yes. This is what it is supposed to do. I know that, I was just setting the scene :-) > 2) In normal multi-homed environments, this is precisely what > you want to do, since you want queries sent on one wire to > get replies on the same wire without going through extra > router hops as would be required otherwise. Not necessarily. You're assuming a "normal multi-homed envirnment" is one with two interfaces where you need to do this. That's not always the case any more and even in that situation, you still might not want the local addr set to the primary address of the interface, you may still want the outgoing packet to be marked as from one particular address for that interface. The aliased address is likely to be on the same subnet as the primary address otherwise the interface would never see packets for the alias. there wouldn't be anything wrong in that case of having packets leave the interface with the aliased address since return packets will still come back to that particular interface and it's aliased to accept them. Multi-homed these days increasingly means having more than one ip address aliased to the same interface and not for the reasons that the code was originally written for but to allow multiple DNS domains to map to the same physical host while still being able to determine which DNS domain a particular packet is for, vis WEB servers. The code as it is know is trying to > > You have two possible solutions: > > 1) Don't let people use Web browsers on your server machine. > > 2) Modify the browser source code to bind to a specific > address (perhaps whatever is returned by gethostname()). This isn't an option. I'd have to modify every possible client that could be used and that assumes I have source in the first place. > > > We could check the destination address and if > > it's actually an aliased address on this host > > There is no distinction between various different sorts of interface > addresses. If you delete the address that was ifconfig'ed first, then > the interface's primary address becomes whatever was added next, and > so on down through the line. So? The code as it stands now was written in order to determine which address to assign to the local side so that packets could return to the correct interface. It's out of date and needs to be revised since that's not the only reason for a host having multiple ip addresses. I've got several ip addresses allocated to the same interface and it's the only interface on the box. > > Remember that this code was originally designed to support multiple > logical IP subnets on a single wire. I know what it was originally for. I'm trying to make it work better in today's environment where virtual host services are becoming more common. -- Paul Richards, Bluebird Computer Systems. FreeBSD core team member. Internet: paul@FreeBSD.org, http://www.freebsd.org/~paul Phone: 0370 462071 (Mobile), +44 1222 457651 (home)