Subject: Re: default route and private networks
To: Jason Thorpe <thorpej@shagadelic.org>
From: Jonathan Stone <jonathan@dsg.stanford.edu>
List: tech-net
Date: 04/25/2005 20:29:11
In message <B541196F-4573-411C-B3FC-07505D1ABAFD@shagadelic.org>,
Jason Thorpe writes:
>Indeed -- Jonathan -- can you please describe the semantics that you
>have confirmed that we have?
See sys/netinet/ip_input.c, the sysctl net.inet.ip.checkinterface, and
the comments just above the line
int ip_checkinterface = 0;
That, plus:
1. a-priori knowledge that a given host has at most one
address per interface, and at most one interface on a given subnet;
2. A-priori knowledge of a [statically-configured] routing table;
3. Conscious reliance on the fact that *BSD kernels use, for
unbound sockets, the local address of the outbound interface;
Then 4.4BSD (possibly earlier) and descendants give one a reasonably
good strong-ES model. Item #2 is for pedantry; the real assumption is
that for any given remote address, you can predict the outbound
interface that will be chosen.
Oh... I haven't actually verified the code in -current works; but I
did do an actual test on my own private mutant tree. I just did a
quick pass through ip_input.c rev 1.212 on my old sack-check tree;
looks good to me.
Was this news to anyone? I confess I didn't understand, at all,
Mouse's response over the weekend.
David, I admitted earlier to some confusion about exactly what you
were proposing. Manuel's config has two NICs with only one address
per NIC, so to fix Manuel's problem, you *have* to break the strong-ES
behaviour sketched above. (Traffic routed out the default net goes out
Manuel's 10.1.1.1 NIC but to fix Manuel's problem you *must* send it
out the net-10 interface, but with Manuel's private address as local
address; thus breaking strong-ES).
Does anyone (anyone at all) disagree with that statement?
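Added illustration, not code from this mail or from NetBSD's ip_input.c: a small Python model of the two halves of the strong-ES behaviour sketched above, the inbound net.inet.ip.checkinterface test and the egress-interface-derived source address for unbound sockets. Interface names and addresses below are constructed, and the host is assumed to have one address per interface and a static routing table (assumptions 1 and 2 in the mail).

```python
# Constructed model of strong-ES vs weak-ES host behaviour; illustrative only,
# not the kernel's ip_input.c logic.
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Iface:
    name: str
    addr: str      # exactly one address per interface (assumption 1)
    prefix: int    # subnet prefix length


def local_addrs(ifaces):
    """Map each local address to the interface that owns it."""
    return {i.addr: i.name for i in ifaces}


def accept_inbound(dst, in_ifname, ifaces, checkinterface):
    """Inbound half. Returns (accepted, reason).

    With checkinterface set, a packet for one of our addresses is only
    accepted if it arrived on the interface that owns that address (strong ES).
    With it clear, any local address is accepted on any interface (weak ES)."""
    owner = local_addrs(ifaces).get(dst)
    if owner is None:
        return False, "not a local address"
    if not checkinterface:
        return True, "weak ES: local address accepted on any interface"
    if owner == in_ifname:
        return True, "strong ES: destination belongs to ingress interface"
    return False, f"strong ES: destination belongs to {owner}, arrived on {in_ifname}"


def outbound_iface(dst, ifaces, default_ifname):
    """Egress choice from a static table: directly connected subnet, else default route."""
    d = ipaddress.ip_address(dst)
    for i in ifaces:
        if d in ipaddress.ip_network(f"{i.addr}/{i.prefix}", strict=False):
            return i
    return next(i for i in ifaces if i.name == default_ifname)


def source_for_unbound_socket(dst, ifaces, default_ifname):
    """*BSD rule cited in the mail: an unbound socket uses the egress interface's address."""
    return outbound_iface(dst, ifaces, default_ifname).addr


# Constructed two-NIC host: the default route points out the 10.1.1.1 NIC.
IFACES = (Iface("ne0", "10.1.1.1", 8), Iface("ne1", "192.168.1.1", 24))
DEFAULT_IF = "ne0"
```

Because the egress interface is a pure function of the remote address, the local address an unbound socket will use is predictable, which is the "real assumption" the mail relies on.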