is%netbsd.org@localhost wrote:
On Thu, Jan 31, 2013 at 09:57:17PM +1100, Darren Reed wrote:I wonder if focusing on addresses is the correct thing to do. Should we in fact be focusing on network interfaces instead?No. At least that's a different problem. We started talking about multiple addresses on the same LAN, some being randomized and only intended for pseudonymous access to untrusted peers. The desire is to have an application tell it doesn't want to use them; think address-authorized lpr or nfs.
What about being able to give an address a "metric" that enabled a sorting order for address selection? # ifconfig bge0 alias 192.168.1.1 netmask 255.255.255.0 weight 15 # ifconfig bge0 alais 10.1.1.1 netmask 255.255.252.0 weight 50 Another approach might be to support having the default address to use as part of the process's properties, so that in the NFS mount script you can do: [ -n "$nfs_localaddr" ] && \ sysctl -w "proc.$$.localaddrlist=$nfs_localaddr" in the various _precmd() bits that start the SunRPC bits. Another approach might be to support having process-local routing tables such that you could do: [ -n "$nfs_ifa" -a -n "$nfs_server" ] && \ route add -host "$nfs_server" -ifa "$nfs_ifa" -proc $$ Both of the sysctl/route approaches more or less dictate using an API that isn't setsockopt. Thoughts? Darren