Date: Fri, 29 Nov 2002 13:41:22 +0100 From: Andre Oppermann <oppermann@pipeline.ch> To: Helge Oldach <freebsdnet28nov02@oldach.net> Cc: freebsd-net@freebsd.org Subject: Re: Multihoming - implementing RFC 1122 Message-ID: <3DE76072.DC64205E@pipeline.ch> References: <200211282148.gASLmpas025733@sep.oldach.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Helge Oldach wrote: > > All, > > I wonder whether there are plans to complete implementation of the > "strong ES" model as described in RFC 1122 for multihoming hosts on > FreeBSD. Essentially this would assure that a multihomed host would > send and receive IP packets through the "correct" interface (that is, > the physical interface that is configured with the IP address used in > the packets). > > Currently the incoming part is already present through the > net.inet.ip.check_interface sysctl. If enabled, this would drop packets > which arrive on an interface with a different IP address than the one of > the interface. > > But what about the sending side? This appears to be missing. We would > need to forward packets not according to the routing table, but > according to the source address of the packet (if already defined, > otherwise it would be defined through the routing table first). This is also called policy routing. > Is anybody aware of this issue? I personally consider this as beneficial > for firewall-type setups. Are there plans to implement it? Claudio and I are (somewhat slower than expected) working on it. We into detail there once we have completet the new natd (release candidate available) and the TCP hostcache (80% done). -- Andre To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DE76072.DC64205E>