Hi Mike, thanks for the reply. See below.
On Monday, January 12, 2015 at 11:22:41 AM UTC-8, Mike Christie wrote:
>
> On 1/9/15, 8:28 PM, Thomas Dwyer III wrote:
> > Hi folks,
> >
> > I spent some time browsing through this forum but I was unable to find
> an
> > explanation for this comment referring to the disabled
> bind_src_by_address()
> > function in io.c:
> >
> > *This is not supported for now, because it is not exactly what we want.*
> > *It also turns out that targets will send packets to other interfaces*
> > *causing all types of weird things to happen.*
> >
> > I found several posts from people referring to this specific comment but
> I
> > did not find an explanation. Is it possible that the author of this
> comment
> > was referring to the ARP flux issue, which may cause a target to
> associate
> > the bound IP address with the MAC address from an interface other than
> the
> > one specified with SO_BINDTODEVICE? If so, I don't see how avoiding the
> > call to bind() solves this problem. I would appreciate a reply from
> anyone
> > who might know what "weird things" means in this context.
> >
>
> bind_src_by_address() only did a bind() and was expecting all traffic to
> flow through the interface with the specified ip address.
Clearly that's a bad assumption on the part of the administrator. If
restricting traffic to a particular interface is desired, bind() is the
wrong approach. That's what SO_BINDTODEVICE is for.
> If you have
> multiple interfaces on the same subnet, the network layer would
> send/recv on any of them. This ended up causing issues with packets not
> getting sent/received or received in incorrect orders to the iscsi
> layers on the initiator/target side.
>
How does incorrect ordering occur? This is TCP, right? Correct ordering is
guaranteed regardless of which interface(s) are used.
>
> SO_BINDTODEVICE is not related to bind() (was not sure about your
> comment about avoiding bind when using that sockopt). It tells the
> kernel to ignore the normal routing tables and to just use the interface
> we specify with that call.
>
Precisely. SO_BINDTODEVICE and bind() are two very different things, for
two very different purposes. One cannot be used as a substitute for the
other.
>
> Why are you asking about this? Do you need something like bind by ip?
>
Yes, I do. I have an environment where a single interface has multiple
different IP addresses configured. For example:
# ip addr show eth0
3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UP qlen 1000
link/ether 00:50:56:9f:4c:5d brd ff:ff:ff:ff:ff:ff
inet 10.108.53.143/21 scope global eth0
inet 10.108.53.243/21 scope global secondary eth0
inet6 fe80::250:56ff:fe9f:4c5d/64 scope link
valid_lft forever preferred_lft forever
In this example, my target will only accept logins from 10.108.53.243.
Unless we call bind(), there's no way to make this work.
Tom.III
--
You received this message because you are subscribed to the Google Groups
"open-iscsi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/open-iscsi.
For more options, visit https://groups.google.com/d/optout.
