Chris Adams wrote:
> 
> Someone pointed out to me that the policy routing in Linux does not
> affect locally generated packets.  So is there ANY way to affect the
> routing of locally generated packets?  Other than hacking at the source
> of programs to use SO_BINDTODEVICE and the like?  That doesn't really
> help me in all cases.
> 

My understanding is that if you have multiple interfaces, and each is
receiving connections on its own IP address, you can use the standard
socket interfaces to listen separately for incoming connections to the
two different IP addresses.  (Just use the specific IP address instead
of INADDR_ANY in the bind() function.)

Outgoing packets are another matter--no matter what source IP address
you have bound your socket to, the packets will (normally) be sent out
whatever interface the routing table deems 'on the way' to the
destination address.

The reason I wrote the SO_BINDTODEVICE, umm, hack in the first place was
for DHCP client and server: the DHCP client might have multiple
interfaces, and not know their IP address yet; and the server might have
incoming requests on several interfaces, but since the requests are
broadcast to 255.255.255.255, it would not know which interface they
came in on... so it listens on a socket bound to each interface
explicitly with SO_BINDTODEVICE.

More info on SO_BINDTODEVICE can be found in the
Documentation/networking dir, in the 2.0.x kernel anyway...

-Elliot

> For example, I'd like to have a multihomed mail server - it would have 2
> ethernet interfaces, each one to a separate link to the Internet.
> However, currently, that does not work, since there is no way (that I
> know of anyway) to say for TCP connections that come in on a particular
> interface, send all outgoing packets for that connection out the same
> interface.  Unless you can tell which interface (or just IP address) a
> particular socket is associated with and _then_ do a SO_BINDTODEVICE on
> it.
> 
> But again, that means modifying every network program that you want to
> work in this manner, which is not the way to do it IM(NS)HO.
> --
> Chris Adams <[EMAIL PROTECTED]> - System Administrator
> Renaissance Internet Services - IBS Interactive, Inc.
> Home: http://ro.com/~cadams - Public key: http://ro.com/~cadams/pubkey.txt
> I don't speak for anybody but myself - that's enough trouble.
> -
> To unsubscribe from this list: send the line "unsubscribe linux-net" in
> the body of a message to [EMAIL PROTECTED]