:..
:> You have to explicitly bind to the correct source IP if you care.
:>
:> For our machines I bind our external services specifically to the
:> external IP. Beyond that I usually don't care because I NAT-out our
:> internal IP space anyway, so any packets sent 'from' an internal IP
:> to the internet wind up going through the NAT, which hides the fact
:> that the source machine chose the wrong IP.
:
:
:Hmm.. That hasn't been my experience at all. I have _always_ seen
:outgoing connections use a source address of the closest interface
:address that exists on the same IP network as the destination, OR, if
:it is a non-local destination, then the source is whatever IP address
:is on the same IP network as the next-hop gateway. If your next-hop
:gateway is an RFC1918 address, then your source address will be your
:RFC1918 address on the same subnet, unless you specify otherwise of
:course. Maybe if you set net.inet.ip.subnets_are_local to 1, then
:maybe the system will use the primary non-alias address of the closest
:physical interface, be it a public address or whatever, but I've not
:tried that.
:
:-- Chris Dillon - [EMAIL PROTECTED] - [EMAIL PROTECTED]
Huh... your right! How odd. I think someone may have fixed something
since I last played with this. I swear it wasn't going that before! I
would set up a bunch of ip aliases and it was pot-luck.
-Matt
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
