On Wed, Apr 13, 2005 at 10:56:38PM -0400, Thor Lancelot Simon wrote:
> On Wed, Apr 13, 2005 at 05:43:54PM -0700, Jonathan Stone wrote:
> > In message <20050413234709.GR6156@che.ojctech.com>, David Young writes:
> > >On Wed, Apr 13, 2005 at 05:39:34PM -0400, Thor Lancelot Simon wrote:
> > >> On Wed, Apr 13, 2005 at 12:29:10PM -0500, David Young wrote:
> > >> >
> > >> > is preferred.  IPv4 should likewise prefer a private sources (192.168/16,
> > >> > 10/8, ...) when the destination is private, a link-local (169.254/16)
> > >> > for link-local destinations, and global source for a global destination.
> > 
> > IPv4 "should" do this?  Who is saying this, and on what authority?
> > I'm pretty sure this not a SHOULD in the sense of RFC-2119.
> 
> I think he means "should" in the sense of "would behave better in a not
> uncommon case" -- which, I think, is correct.  There are definitely
> situations in which a host has both a routable and a private (1918)
> IP address and in which the public Internet is only reachable across
> the privately-addressed network.  Consider, for example, an router
> concentrator that numbers its point-to-point interfaces in network
> 10.0.0.0/8; an end host connected to that router may have a routable
> address legitimately allocated to it but be forced to point its default
> route at the *non-routable* address of its gateway.  This is bogus
> network design (it is a poor adaptation from the world of "unnumbered"
> HDLC interfaces on some routers to the world of PPP, where each endpoint
> must have an address; better to allocate a single address to _all_ such
> interfaces on a large router and reuse it for multiple peers) but it is
> in fact a situation some users are faced with.

Thor,

Does the scenario you describe necessarily involve a weak host?  The end
host may have both a 10/8 number and a global address assigned to its
point-to-point interface.  So long as the packet with source address =
global address is sent from the same interface where the global address
is assigned, that's still "strong host" behavior, no?

Where NetBSD does not behave *already* as a weak host, my patch will
not break these rules in RFC 1122:

            (A)  A host [MUST] silently discard an incoming datagram whose
                 destination address does not correspond to the physical
                 interface through which it is received.

            (B)  A host [MUST] restrict itself to sending (non-source-
                 routed) IP datagrams only through the physical
                 interface that corresponds to the IP source address of
                 the datagrams.

[I have replaced MAY with MUST according to RFC 1122, "The Strong ES (End
 System, i.e., host) model emphasizes the host/gateway (ES/IS)
 distinction, and would therefore substitute MUST for MAY in issues (A)
 and (B) above."]

I think it is always reasonable and often useful to use an IP source
address with like "scope" as the destination address, if

        (1) the application does not specify otherwise by, say,
            bind(2)'ing a different address than INADDR_ANY, and

        (2) the physical output interface has such an address
            assigned---that is, don't break "strong host" semantics

> *Some* users of our stack may quite legitimately prefer
> to violate the strong host model and transmit packets on interface A
> with the source address of interface B according to destination address
> of the packets; it gets them reachability even in the presence of dumb
> numbering of point-to-point links that may be beyond their control.

I am re-emphasizing that this is not what I propose.

Dave

-- 
David Young             OJC Technologies
dyoung@ojctech.com      Urbana, IL * (217) 278-3933