Make sense! - otherwise you're fixing the same problem again and again in each application.
The current behaviour is definitely classable as a bug, not only because it doesn't behave as documented, but also as the underlying behaviour is different to the output. `route get` shows the source will be the IP set by sourceaddr. ping -v shows the source as the IP set by sourceaddr. tcpdump then confirms that the packet has actually gone out with the source IP as the IP of the egress interface. (in this case, which there is no internet routable route back to, as it's an unannounced IXP LAN). $ ping -v cdn.openbsd.org PING dualstack.osff.map.fastly.net (xx.xx.xx.xx --> 199.232.58.217): 56 data bytes ^C --- dualstack.osff.map.fastly.net ping statistics --- 3 packets transmitted, 0 packets received, 100.0% packet loss $ sudo tcpdump -n -i vlan4 host 199.232.58.217 tcpdump: listening on vlan4, link-type EN10MB 19:32:39.494578 yy.yy.yy.yy > 199.232.58.217: icmp: echo request Thanks, Ian On Thu, Mar 17, 2022 at 6:05 PM Theo de Raadt <[email protected]> wrote: > This should not be done in applications. The kernel must do it. It means > the current kernel code is worng. >
