Date: Wed, 6 Jan 1999 13:27:48 -0800 (PST)
From: Julian Elischer
To: Terry Lambert
cc: "Louis A. Mamakos", dnelson@redwoodsoft.com, lem@cantv.net, freebsd-hackers@FreeBSD.ORG
Subject: Re: Source address
In-Reply-To: <199901062115.OAA27539@usr08.primenet.com>

On Wed, 6 Jan 1999, Terry Lambert wrote:

> > Except that in IOS, the "source-interface" commands cause the application
> > in question (snmp trap generator, syslog generator, etc), to bind to
> > a particular interface address on the router, rather than using whatever
> > interface address is associated with the exit interface on the router.
> >
> > It doesn't smash an address in the packet on the way out, and neither
> > should the FreeBSD kernel. There are a lot of applications that care

FreeBSD doesn't "smash an address" onto a packet unless you have not bound
to an address. If you bind to an address that address is used.

> > about the end point addresses, and zapping something behind their back
> > is probably going to manifest itself in interesting ways.
> >
> > Perhaps this is a phrasing problem. If you were to add a sysctl to
> > bias the operation of the socket code to choose a specified address of
> > an interface, rather than the address of the outbound interface.. but
> > then you have to worry about the interface being up and other details.
>
> This is a generic problem in the way sockets are bound.
>
> Similar fallout from the problem is that, when you change IP
> addresses on interfaces, you have to restart daemons bound to
> the IP addresses, etc..
>
> In general, the best possible corrective action would be to allow
> binding of sockets to interfaces instead of IP addresses.

what about interfaces with multiple addresses?

>
> For a complete solution, you'd want to be able to bind a socket
> to all interfaces, a specific interface, an IP address regardless of
> interfaces that have that address, and an interface/IP address pair.
>
> For an inetd style solution, you'd want to add parameters on the
> end of the protocol field, I believe. Something like:
>
> ftp stream tcp:ed0:10.0.0.1 nowait root /usr/libexec/ftpd ftpd -l -d /home/ftp
> ftp stream tcp:*:141.168.5.12 nowait root /usr/libexec/ftpd ftpd -l -d /home/ftp/external
>
> Someone really needs to revisit the idea of sockets before IPV6 is
> widely deployed.
>
>
> Terry Lambert
> terry@lambert.org
> ---
> Any opinions in this posting are my own and not those of my present
> or previous employers.
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-hackers" in the body of the message
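
The behaviour discussed in this message, as an added example that is not part of the original thread: a UDP receiver reports the source address it sees when the sender has not called bind() and when it has bound to a specific address first. The function name `observed_source` is hypothetical, and using 127.0.0.2 as a second local address assumes a Linux-style loopback where all of 127.0.0.0/8 is local (on FreeBSD it would need an alias on lo0).

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Added example (not from the thread). Sends one datagram to a receiver on
 * 127.0.0.1. If bind_ip is non-NULL the sender bind()s to it first; otherwise
 * the kernel chooses the source. Stores what the receiver saw; 0 on success. */
int observed_source(const char *bind_ip, char *out, size_t outlen)
{
    struct sockaddr_in rx = {0}, src = {0}, peer;
    socklen_t len = sizeof(rx), plen = sizeof(peer);
    struct timeval tv = {2, 0};               /* never block forever in recvfrom */
    char buf[8];
    int rc = -1;
    int r = socket(AF_INET, SOCK_DGRAM, 0);   /* receiver */
    int s = socket(AF_INET, SOCK_DGRAM, 0);   /* sender */

    if (r < 0 || s < 0) goto done;
    rx.sin_family = AF_INET;                  /* port 0: kernel picks one */
    inet_pton(AF_INET, "127.0.0.1", &rx.sin_addr);
    setsockopt(r, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
    if (bind(r, (struct sockaddr *)&rx, sizeof(rx)) < 0) goto done;
    if (getsockname(r, (struct sockaddr *)&rx, &len) < 0) goto done;

    if (bind_ip) {                            /* explicit source address */
        src.sin_family = AF_INET;
        if (inet_pton(AF_INET, bind_ip, &src.sin_addr) != 1) goto done;
        if (bind(s, (struct sockaddr *)&src, sizeof(src)) < 0) goto done;
    }
    if (sendto(s, "x", 1, 0, (struct sockaddr *)&rx, sizeof(rx)) != 1) goto done;
    if (recvfrom(r, buf, sizeof(buf), 0, (struct sockaddr *)&peer, &plen) < 0) goto done;
    if (inet_ntop(AF_INET, &peer.sin_addr, out, outlen)) rc = 0;
done:
    if (r >= 0) close(r);
    if (s >= 0) close(s);
    return rc;
}

int main(void)
{
    char ip[INET_ADDRSTRLEN];
    if (observed_source(NULL, ip, sizeof(ip)) == 0) printf("unbound: %s\n", ip);
    /* 127.0.0.2 is a constructed second local address (Linux loopback assumption) */
    if (observed_source("127.0.0.2", ip, sizeof(ip)) == 0) printf("bound:   %s\n", ip);
    return 0;
}
```

Anything that filters or attributes traffic by source address (syslog collectors, SNMP trap receivers, ACLs) sees the bound address in the second case, independent of which interface the packet leaves through.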