Subject: Re: default route and private networks
To: Jason Thorpe <thorpej@shagadelic.org>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: tech-net
Date: 04/25/2005 22:21:49
In message <0913989A-6ADE-4FF2-BE9E-73A5FDD43616@shagadelic.org>, Jason Thorpe 
writes:
>
>On Apr 25, 2005, at 12:36 PM, Bill Studenmund wrote:
>
>>> Tho' I don't know if it works anymore on NetBSD, with hashed lookup of
>>> local-IP-addrs it certainly does on other BSD derivatives. If it truly
>>> isn't predictable on NetBSD, then that strikes me as a darn good
>>> reason to distinguish first-class local addresses from
>>> explicitly-marked secondary or "alias" addresses.
>>>
>>
>> And what if we want multiple "first-class" addresses?
>
>And to address this point... nothing in an ifaddr explicitly marks  
>the address as an "alias".  It is an alias only by virtue of not  
>being the first on the list.  If you delete the first address on the  
>list, then I am pretty sure that the next one is suddenly no longer  
>just an "alias".
>
>I.e. it is only by convention that these things are called  
>"aliases".  It's all due to undocumented magic that the semantics are  
>the way they are.
>
>To me, an address that is truly an "alias" would never be used as a  
>source address unless it is on the passive side of a TCP handshake.   
>But there are legitimate reasons for having multiple "non-alias" IPv4  
>addresses on an interface.  If we want to support both, then  
>something needs to mark those alias addresses as such (I would call  
>them "passive" addresses, myself).  The "passive" semantics I  
>envision would map equally well to both IPv4 and IPv6, or any other  
>address family, for that matter.
>

I haven't had the cycles to participate in this debate, and I'm not 
sure that this suggestion is fully baked.  That said, I'll toss it out 
anyway.

The current semantics, as I understand them, are that the source address 
assigned is taken from the routing table entry used for the (initial, 
for TCP) outgoing packet.  In particular, the first address on the 
interface selected is used.  Suppose we try to extend that, by 
associating explicit source addresses with routing entries.  When a
destination address matches some particular route table entry, the 
source address associated with that address would be used as the source 
address for the packet.  (Like Jonathan, I'm very concerned about 
attaching semantics in the kernel to particular classes of addresses.  
For that matter, I was one of the very loud voices against IPv6 
site-local addresses.  Link-local is an acceptable special case for 
IPv6; it might be for IPv4 as well, but I suspect it's not necessary to 
create any special rules for it.)

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
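The selection rule sketched in the message above (take the route entry for the destination; if it carries an explicit source address use that, otherwise fall back to the first address on the outgoing interface) as a small user-space model. This is an added example, not code from the thread or from NetBSD; the per-route `src` field, the `select_source()` function, the interface `em0` and all addresses are constructed for illustration. The scenario is the one in the thread's subject: a host whose first interface address is private and whose public address is an alias, sending to an off-site destination via the default route.

```c
/* Added example: user-space model of per-route source address selection.
 * Not NetBSD kernel code; the route "src" field is hypothetical and the
 * interface/route tables below are constructed for illustration. */
#include <stdio.h>
#include <stdint.h>
#include <string.h>

#define IP4(a, b, c, d) \
    (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | ((uint32_t)(c) << 8) | (uint32_t)(d))

struct iface {
    const char *name;
    uint32_t    addrs[4];   /* addrs[0] is the "first" address on the list */
    int         naddrs;
};

struct route {
    uint32_t    dst;        /* destination prefix, host byte order */
    int         plen;       /* prefix length; 0 is the default route */
    const char *ifname;     /* outgoing interface */
    uint32_t    src;        /* hypothetical explicit source; 0 = unset */
};

/* Constructed host: em0 has a private first address and a public alias. */
static const struct iface iftab[] = {
    { "em0", { IP4(10, 0, 0, 5), IP4(198, 51, 100, 5) }, 2 },
};

/* Constructed routing table: the private net has no explicit source, the
 * default route is tagged with the public address. */
static const struct route rtab[] = {
    { IP4(10, 0, 0, 0), 8, "em0", 0 },
    { 0,                0, "em0", IP4(198, 51, 100, 5) },
};

/* Parse a dotted quad into host byte order; 0 on malformed input. */
uint32_t ip4(const char *s)
{
    unsigned a, b, c, d;
    if (sscanf(s, "%u.%u.%u.%u", &a, &b, &c, &d) != 4 ||
        a > 255 || b > 255 || c > 255 || d > 255)
        return 0;
    return IP4(a, b, c, d);
}

static uint32_t prefix_mask(int plen)
{
    if (plen <= 0)  return 0;
    if (plen >= 32) return 0xffffffffu;
    return ~0u << (32 - plen);
}

/* Longest-prefix match; NULL when nothing (not even a default) matches. */
static const struct route *rt_lookup(const struct route *tab, int n, uint32_t dst)
{
    const struct route *best = NULL;
    for (int i = 0; i < n; i++) {
        uint32_t m = prefix_mask(tab[i].plen);
        if ((dst & m) == (tab[i].dst & m) && (best == NULL || tab[i].plen > best->plen))
            best = &tab[i];
    }
    return best;
}

static const struct iface *if_lookup(const struct iface *tab, int n, const char *name)
{
    for (int i = 0; i < n; i++)
        if (strcmp(tab[i].name, name) == 0)
            return &tab[i];
    return NULL;
}

/* use_route_src == 0 models the current behaviour described in the mail
 * (first address on the outgoing interface); != 0 lets an explicit
 * per-route source override it. Returns 0 when there is no route. */
uint32_t select_source(const struct route *rt, int nrt,
                       const struct iface *ifs, int nif,
                       uint32_t dst, int use_route_src)
{
    const struct route *r = rt_lookup(rt, nrt, dst);
    if (r == NULL)
        return 0;
    if (use_route_src && r->src != 0)
        return r->src;
    const struct iface *ifp = if_lookup(ifs, nif, r->ifname);
    return (ifp != NULL && ifp->naddrs > 0) ? ifp->addrs[0] : 0;
}

/* Convenience wrapper over the constructed tables. */
uint32_t pick(const char *dst, int use_route_src)
{
    return select_source(rtab, 2, iftab, 1, ip4(dst), use_route_src);
}

int main(void)
{
    const char *dsts[] = { "203.0.113.1", "10.1.2.3" };
    for (int i = 0; i < 2; i++) {
        uint32_t cur = pick(dsts[i], 0), ext = pick(dsts[i], 1);
        printf("dst %-12s current-rule src %u.%u.%u.%u  per-route src %u.%u.%u.%u\n",
               dsts[i], cur >> 24, (cur >> 16) & 255, (cur >> 8) & 255, cur & 255,
               ext >> 24, (ext >> 16) & 255, (ext >> 8) & 255, ext & 255);
    }
    return 0;
}
```

With the current rule the off-site destination gets the private 10.0.0.5 as source, which is the leak the thread is about; with the per-route source the default route supplies 198.51.100.5 while traffic to 10/8 still uses the private address, and no address class receives special treatment in the lookup itself.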