From owner-freebsd-hackers Wed Jan 6 13:16:38 1999
From: Terry Lambert
Message-Id: <199901062115.OAA27539@usr08.primenet.com>
Subject: Re: Source address
To: louie@TransSys.COM (Louis A. Mamakos)
Date: Wed, 6 Jan 1999 21:15:12 +0000 (GMT)
Cc: dnelson@redwoodsoft.com, lem@cantv.net, freebsd-hackers@FreeBSD.ORG
In-Reply-To: <199812200103.UAA80379@whizzo.transsys.com> from "Louis A. Mamakos" at Dec 19, 98 08:03:22 pm

> Except that in IOS, the "source-interface" commands cause the application
> in question (snmp trap generator, syslog generator, etc), to bind to
> a particular interface address on the router, rather than using whatever
> interface address is associated with the exit interface on the router.
>
> It doesn't smash an address in the packet on the way out, and neither
> should the FreeBSD kernel. There are a lot of applications that care
> about the end point addresses, and zapping something behind their back
> is probably going to manifest itself in interesting ways.
>
> Perhaps this is a phrasing problem. If you were to add a sysctl to
> bias the operation of the socket code to choose a specified address of
> an interface, rather than the address of the outbound interface.. but
> then you have to worry about the interface being up and other details.

This is a generic problem in the way sockets are bound.

Similar fallout from the problem is that, when you change IP addresses
on interfaces, you have to restart daemons bound to the IP addresses,
etc.

In general, the best possible corrective action would be to allow
binding of sockets to interfaces instead of IP addresses.

For a complete solution, you'd want to be able to bind a socket to
all interfaces, a specific interface, an IP address regardless of
interfaces that have that address, and an interface/IP address pair.

For an inetd style solution, you'd want to add parameters on the end
of the protocol field, I believe. Something like:

	ftp stream tcp:ed0:10.0.0.1 nowait root /usr/libexec/ftpd ftpd -l -d /home/ftp
	ftp stream tcp:*:141.168.5.12 nowait root /usr/libexec/ftpd ftpd -l -d /home/ftp/external

Someone really needs to revisit the idea of sockets before IPv6 is
widely deployed.

					Terry Lambert
					terry@lambert.org
---
Any opinions in this posting are my own and not those of my present
or previous employers.
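
Added example, not part of the original message: a C sketch of the behaviour the thread discusses, showing that an unbound socket takes the address of the exit interface, that bind() lets the application pin the source itself, and that binding to an address no interface currently holds fails, which is why address changes force daemon restarts. The helper name `source_for`, the loopback destination and the TEST-NET-1 address 192.0.2.1 are assumptions chosen so the program runs offline.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Report the source address a UDP socket would use towards dst_ip.
 * bind_ip == NULL leaves the choice to the kernel (exit interface address);
 * otherwise bind() pins it. Returns 0 and fills out, or -1 with errno set. */
int source_for(const char *bind_ip, const char *dst_ip, char *out, socklen_t outlen)
{
    struct sockaddr_in local = { .sin_family = AF_INET };
    struct sockaddr_in dst = local;
    socklen_t len = sizeof(local);
    int saved, rc = -1, s = socket(AF_INET, SOCK_DGRAM, 0);

    if (s < 0)
        return -1;
    dst.sin_port = htons(9);    /* discard port; UDP connect() sends nothing */
    if (inet_pton(AF_INET, dst_ip, &dst.sin_addr) != 1 ||
        (bind_ip && inet_pton(AF_INET, bind_ip, &local.sin_addr) != 1)) {
        errno = EINVAL;
    } else if ((!bind_ip || bind(s, (struct sockaddr *)&local, sizeof(local)) == 0) &&
               connect(s, (struct sockaddr *)&dst, sizeof(dst)) == 0 &&
               getsockname(s, (struct sockaddr *)&local, &len) == 0 &&
               inet_ntop(AF_INET, &local.sin_addr, out, outlen) != NULL) {
        rc = 0;
    }
    saved = errno;              /* close() may overwrite errno */
    close(s);
    errno = saved;
    return rc;
}

int main(void)
{
    /* Constructed inputs; 192.0.2.1 (TEST-NET-1) stands in for an address
     * that is no longer configured on any interface. */
    const char *cases[] = { NULL, "127.0.0.1", "192.0.2.1" };
    char buf[INET_ADDRSTRLEN];

    for (int i = 0; i < 3; i++) {
        int rc = source_for(cases[i], "127.0.0.1", buf, sizeof(buf));
        printf("bind %s -> %s\n", cases[i] ? cases[i] : "(kernel picks)",
               rc == 0 ? buf : strerror(errno));
    }
    return 0;
}
```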