Subject: Re: RFC: local address selection
To: None <email@example.com>
From: Miles Nordin <carton@Ivy.NET>
Date: 11/07/2004 17:26:04
Content-Type: text/plain; charset=US-ASCII
>>>>> "ed" == Emmanuel Dreyfus <firstname.lastname@example.org> writes:
>>>>> "i" == itojun <email@example.com> writes:
ed> ifconfig ex0 alias 10.0.12.7 prefered
ed> route add default 10.0.12.1 -localaddr 10.0.12.7
It helps but is not really general enough to put the problem to rest
Routes don't inherit from encompasing routes like nesting in a
statically-scoped language---rather, only the most-specific route can
be consulted. Suppose I want:
destination | local address
192.168.0.0/16 | 192.168.168.3
0.0.0.0/0 | 18.104.22.168
I can create those two routes with this new local-address attribute,
but my setting is lost if I have more specific routes from an IGP.
Even if I have interface routes for subnets, it's lost.
It seems to me the most flexible way would be an entirely separate
table like the routing table just for choosing interface address, so
more-specific routes can be omitted from this table. But I think
that's too complicated!
Honestly, for my network what would work best is, a special case: ``if
there is a /32 alias on lo0, use that address whenever it's necessary
to choose a default source address.'' I think many people who add
loopback aliases would prefer that. It is adequate for your VPN,
right, because the SPD for the IPsec tunnel will specify a source
address rather than using default, so the loopback alias can be used
for VPN-protected traffic only?
Another more complicated alternative, would be to assign each
interface address a ``priority''. Only the address with smallest
priority setting would be used. In the case of a tie, it could choose
among the winners...somehow. This is different from your
'alias ... prefer' because if one interface address had the lowest
priority, it would be used for all packets, not just ones going out
that interface. But I'm not sure it has any advantages in practice
over the loopback-alias-special-case.
i> in IPv4 code, rt_ifa is used for selecting source address for
i> a particular routing entry. route -ifa should be sufficient.
[confused]. The local address selection is not consistent, so what
you describe maybe applies to manu's ICMPv4 case only?
Also, I thought -ifa was for -iface routes, to imply the interface.
Is it for something else---is it possible to install a route that,
when matched, targets a packet to Interface A, but assigns a local
address from Interface B?
Any man can be President, but only one man can be in the White House:
the White Man.
-- 53rd & 5th Ave Preacher
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (NetBSD)
-----END PGP SIGNATURE-----