Subject: Re: CVS commit: src/sys
To: Jonathan Stone <jonathan@dsg.stanford.edu>
From: Daniel Carosone <dan@geek.com.au>
List: tech-kern
Date: 12/07/2004 09:00:26
--nDmTXYS4kVhtHHfR
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Mon, Dec 06, 2004 at 01:44:15PM -0800, Jonathan Stone wrote:
> I've also seen no rationale for multiple loopback devices, given that

There's a bunch of cases where it might be very useful:

 - multiple separate logging destinations for ipf, when various rules
   want to dump copies of particular packets to monitoring apps.

 - interface routes to then trigger separate handling, such as for
   encapsulation to different endpoints by user-space VPN or other
   tunnelling software (some of these might use tun, some don't)

 - setting up test benches for network filters, routing
   configurations, and other simulator-style scenarios.

 - forcing certain kinds of source address selection where the
   application is uncooperative, and where aliases on the same interface
   can lead to ambiguity.

None of these might be common for your average production mailserver
machine, and multiple loopbacks might not even be the best solution
for any of these, but it's in exactly the scenario you didn't
anticipate that this kind of flexibility is most useful.

--
Dan.

--nDmTXYS4kVhtHHfR
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)

iD8DBQFBtNZ5EAVxvV4N66cRAuE0AKCXlvbSCWetEw1WVV9rIPpvGM6whQCg0afU
kWWxaO3Uk0uX0U8VI/B+1YM=
=WfuA
-----END PGP SIGNATURE-----

--nDmTXYS4kVhtHHfR--