On 2020/10/18 14:04, David Gwynne wrote:
> the problem i'm hitting is that i have a multihomed box where the
> service it provides listens on an IP address that's assigned to lo1.
> it's a host running a service, it's not a router, so the
> net.inet.ip.forwarding sysctl is not set to 1.

I ran into this, I just turned on the forwarding sysctl to avoid the problem.

> i came up with this diff, which adds even more special casing for
> loopback interfaces. it says addresses on loopbacks are globally
> reachable, even if ip forwarding is disabled.

I don't see why loopbacks should be special. Another place this might show up is services running on carp addresses (I haven't updated those machines yet but there's a fair chance they'll be affected too).

I would prefer an explicit sysctl to disable "strong host model".