Date: Wed, 15 Feb 2023 21:22:33 -0800
From: Ian Zimmerman <possessor.assizer305@aceecat.org>
To: freebsd-questions@freebsd.org
Subject: Re: Source IP selection
Message-ID: <20230216052233.sprgmazuunk25ynw@beesty.loosely.org>
In-Reply-To: <20230215232241.5A86B9977DF3@ary.qy>
References: <20230215222458.bij5oh3wtaq6inje@beesty.loosely.org> <20230215232241.5A86B9977DF3@ary.qy>
On Wed, Feb 15, 2023 at 06:22:40PM -0500, John Levine wrote:
> >May the kernel choose an address through which there's no route to
> >the destination?
>
> It knows what addresses it has configured on what interfaces, and
> what's in its local routing table, not the entire state of the global
> Internet. The routing table just tells it what interface to use for
> what networks. I think it does something simple-minded like using the
> first address configured on the interface if you don't override that
> with bind().
>
> If you bind a local address and then tell it to send to a remote
> address that isn't in the routing table for the interface the address
> is assigned to, I have no idea what happens. Try it and let us know
> what happens.
>
> If you told us what you are trying to do, you would get more useful
> answers.

Yes, fair enough.

This is a sysadmin question, not a programming one. I cannot recompile
every program installed on the system to fix this (if it needs fixing).

My VPS provider (Linode) gave me a secondary address so my two nodes
can talk to each other without accruing charges. Note that:

- it really is an alias on the same interface, *not* a VLAN
- it is not a publicly routable address (192.168.)

Here's an excerpt of the configuration, with one obvious change:

 6+1 ~$ ifconfig vtnet0
vtnet0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=4c00b8<VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,VLAN_HWTSO,LINKSTATE,TXCSUM_IPV6>
        ...
        inet 123.123.123.4 netmask 0xffffff00 broadcast 123.123.123.255
        inet 192.168.135.161 netmask 0xffff8000 broadcast 192.168.255.255
        media: Ethernet autoselect (10Gbase-T <full-duplex>)
        status: active
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>

 7+1 ~$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags     Netif Expire
default            123.123.123.1      UGS      vtnet0
123.123.123.0/24   link#1             U        vtnet0
123.123.123.4      link#1             UHS         lo0
127.0.0.1          link#2             UH          lo0
192.168.128.0/17   link#1             U        vtnet0
192.168.135.161    link#1             UHS         lo0

Now I am concerned what happens if something like unbound sends
to the outside world, in a client role. I don't think it binds its
socket, how would *it* know which address to use? It lets the kernel
decide, and I think most client programs do. So, can it get the
secondary address?
--
Ian
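
The question in the message above, which source address an unbound client socket receives from the kernel, can be checked empirically. The following is an added example, not part of the original e-mail: it connects an unbound UDP socket (no packet is sent) and reads back the address the kernel selected, flagging a private source paired with a public destination. The function names, the sample destination 9.9.9.9 and the peer address 192.168.135.162 are assumptions made for illustration.

```python
import ipaddress
import socket


def kernel_source_for(dest, port=53):
    """Return the local address the kernel picks for an unbound UDP socket."""
    family = socket.AF_INET6 if ":" in dest else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as s:
        # connect() on a UDP socket transmits nothing; it only makes the
        # kernel do the route lookup and fix the source address, exactly
        # as it would for a client program that never calls bind().
        s.connect((dest, port))
        return s.getsockname()[0]


def is_mismatch(source, dest):
    """True when a private source address is paired with a public destination."""
    src = ipaddress.ip_address(source)
    dst = ipaddress.ip_address(dest)
    return src.is_private and dst.is_global


def check(destinations):
    """Return (destination, chosen source or None, verdict) per destination."""
    results = []
    for dest in destinations:
        try:
            src = kernel_source_for(dest)
        except OSError as exc:  # e.g. no route to the destination
            results.append((dest, None, f"error: {exc}"))
            continue
        verdict = "MISMATCH" if is_mismatch(src, dest) else "ok"
        results.append((dest, src, verdict))
    return results


if __name__ == "__main__":
    # Constructed sample destinations: one public address and one address
    # in the private 192.168.128.0/17 network (hypothetical peer node).
    for dest, src, verdict in check(["9.9.9.9", "192.168.135.162"]):
        print(f"{dest:>16}  source={src}  [{verdict}]")
```

Run on the host in question, a `MISMATCH` line would mean the private alias was selected for traffic leaving through the default route.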
