Subject: Re: loopback routes
To: None <itojun@iijlab.net>
From: Andrew Brown <atatat@atatdot.net>
List: tech-net
Date: 05/06/2000 00:19:32
>>>	I still do not understand your goal... anyway,
>>sorry, i didn't really go into that yet.  i wanted to create a "null"
>>network interface, similar to that which one might find on a cisco.
>>useful for blackhole routing, ipfiltering (yes, really!), etc.
>
>	for example, is this insufficient for your goal?
>	# route add -inet 10.0.0.0 127.0.0.1 -reject

okay, that'll blackhole the packets, but i wanna sniff 'em.

>>>>>   23:11:03.892874 127.0.0.1 > 127.0.0.1: icmp: echo reply [ttl 1]
>>>	again, this packet is generated by ping.
>>i still disagree.  ping doesn't make answers...only questions.
>
>	see sbin/ping/ping.c:pinger().  (near "clear_cache")
>	it does generate replies.

ah...okay, i see.  that explains why i was seeing the answers.  i'd
have to guess that ping does that to force the kernel to re-lookup a
route to the actual destination with each echo request by forcing the
echo reply packets out the loopback interface.

>>you ought to know this...does the ::1 address get added only because
>>the interface is marked IFF_LOOPBACK or is there some other reason?
>
>	basically yes.
>	- we really need to have ::1 due to some routing table hack for
>	  "goto ours" loop. 
>	- we use IFF_LOOPBACK to check if we should add ::1 or not
>	- lo1 gets ::1 as well as lo0
>	it will do no harm.  ::1 is required to be there anyways.

fair enough.  i just figured that one was enough...

>>>>(4) not really a problem...more of a question.  what theoretical
>>>>effect would setting IFF_BROADCAST on the loopback interfaces have?
>>>	if we remove special handling for 127.0.0.1, we may want to
>>>	configure 127.0.0.1 with below:
>>>	# ifconfig 127.0.0.1 netmask 0xffffffff
>>>	rather than the default
>>>	# ifconfig 127.0.0.1 netmask 0xff000000	(netmask implicitly specified)
>>i still feel that the default netmask is fine...i think i'm just
>>questioning some of the "special handling" that interfaces marked
>>IFF_LOOPBACK get in the kernel.
>
>	I have checked rfc1700 (assigned numbers) page 4, 127.0.0.0/8 should
>	not leave the host.
>	- lo0 = 127.0.0.1/8 without special handling, or
>	- lo0 = 127.0.0.1/32, with reject route to 127.0.0.0/8
>		it does not matter if we have special handling or not.
>		just need a one-liner in /etc/netstart.
>	looks more reasonable to me than the current behavior.

current behavior (without charles' patch of five minutes ago) is that
127.0.0.2 leaves the host on the default route.

imho, the first of those two options makes more sense.  the less
special handling, the better.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."
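
Added example, not part of the original message: a small longest-prefix-match model of the two lo0 options quoted above, next to the behaviour described as current, checking which 127.0.0.0/8 destinations would leave the host. The table contents, the outside interface name ex0, and the assumption that the current table holds only a host route for 127.0.0.1 plus a default route are constructed for illustration.

```python
import ipaddress

# Constructed routing tables (not taken from a real host). Each entry is
# (prefix, outgoing interface, flags); "ex0" and the "reject" flag string
# are placeholders used only by this model.
DEFAULT = ("0.0.0.0/0", "ex0", "")

TABLES = {
    # Assumed model of the behaviour described in the message: only a host
    # route for 127.0.0.1 exists, so the rest of 127/8 matches the default.
    "current": [("127.0.0.1/32", "lo0", ""), DEFAULT],
    # Option 1 from the thread: lo0 = 127.0.0.1/8, no special handling.
    "lo0_slash8": [("127.0.0.0/8", "lo0", ""), DEFAULT],
    # Option 2 from the thread: lo0 = 127.0.0.1/32 plus a reject route.
    "lo0_slash32_reject": [
        ("127.0.0.1/32", "lo0", ""),
        ("127.0.0.0/8", "lo0", "reject"),
        DEFAULT,
    ],
}


def lookup(table, dst):
    """Longest-prefix match; returns (interface, flags) of the best route."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, ifname, flags in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ifname, flags)
    if best is None:
        return (None, "unreachable")
    return best[1], best[2]


def leaves_host(table, dst):
    """True if a packet to dst would be sent out a non-loopback interface."""
    ifname, flags = lookup(table, dst)
    return ifname is not None and ifname != "lo0" and flags != "reject"


def audit(table):
    """Return the sampled 127/8 destinations that would leak off the host."""
    samples = ["127.0.0.1", "127.0.0.2", "127.1.2.3", "127.255.255.254"]
    return [d for d in samples if leaves_host(table, d)]


if __name__ == "__main__":
    for name, table in TABLES.items():
        print(name, "leaks:", audit(table))
```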