Date: Thu, 26 Jul 2001 17:19:34 -0700 (PDT) From: Matt Dillon <dillon@earth.backplane.com> To: Chris Dillon <cdillon@wolves.k12.mo.us> Cc: Steven Ames <steve@virtual-voodoo.com>, "Jonathan M. Slivko" <jslivko@blinx.net>, <freebsd-hackers@FreeBSD.ORG> Subject: Re: Why two cards on the same segment... Message-ID: <200107270019.f6R0JY364659@earth.backplane.com> References: <Pine.BSF.4.32.0107261654170.2406-100000@mail.wolves.k12.mo.us>
next in thread | previous in thread | raw e-mail | index | archive | help
:..
:> You have to explicitly bind to the correct source IP if you care.
:>
:> For our machines I bind our external services specifically to the
:> external IP. Beyond that I usually don't care because I NAT-out our
:> internal IP space anyway, so any packets sent 'from' an internal IP
:> to the internet wind up going through the NAT, which hides the fact
:> that the source machine chose the wrong IP.
:
:
:Hmm.. That hasn't been my experience at all. I have _always_ seen
:outgoing connections use a source address of the closest interface
:address that exists on the same IP network as the destination, OR, if
:it is a non-local destination, then the source is whatever IP address
:is on the same IP network as the next-hop gateway. If your next-hop
:gateway is an RFC1918 address, then your source address will be your
:RFC1918 address on the same subnet, unless you specify otherwise of
:course. Maybe if you set net.inet.ip.subnets_are_local to 1, then
:maybe the system will use the primary non-alias address of the closest
:physical interface, be it a public address or whatever, but I've not
:tried that.
:
:-- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net
Huh... your right! How odd. I think someone may have fixed something
since I last played with this. I swear it wasn't going that before! I
would set up a bunch of ip aliases and it was pot-luck.
-Matt
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200107270019.f6R0JY364659>