From: Brian Candler
To: Edwin Groothuis
Cc: freebsd-net@freebsd.org
Date: Sat, 25 Feb 2006 14:28:46 +0000
Subject: Re: socket / bind - specific address
Message-ID: <20060225142846.GA70376@uk.tiscali.com>
In-Reply-To: <20060225070722.GA92618@k7.mavetju>

On Sat, Feb 25, 2006 at 06:07:22PM +1100, Edwin Groothuis wrote:
> The situation is as follows:
>
> We have a couple of FreeBSD routers, with RFC1918 addresses on the
> ethernets and a public address on the loopback. This works fine for
> connecting to the routers, but is problematic for locally originated
> outgoing traffic (think NTP, think syslog): it takes the IP address
> of the outgoing interface, which is the RFC1918 address.
>
> Is there a way (sysctl, kernel option) to define which IP address
> is used for locally originated outgoing traffic?

One way is to run your daemon (ntpd, syslogd etc) within a jail, and give
the jail your public loopback as its IP address.

Another is just to configure each daemon to bind to the appropriate port, if
it supports that option. syslogd has a '-b' flag; I don't know if ntpd can
be configured thusly.

Regards,

Brian.
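
What binding a daemon's socket does to the source address of its outgoing packets, as an added example that is not part of the original message: the socket is bound to a chosen local address before any traffic is sent, and getsockname() shows which source address the kernel will use. The function name source_addr_for is hypothetical, and the loopback address and port 514 are constructed stand-ins for the routers' public address and a syslog server.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Writes into out the source address the kernel will use for UDP to dst:port.
 * If src is non-NULL the socket is bound to it first. Returns 0, or -1 on error. */
int source_addr_for(const char *src, const char *dst, unsigned short port,
                    char *out, socklen_t outlen)
{
    struct sockaddr_in local, peer, got;
    socklen_t len = sizeof(got);
    int rc = -1, fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -1;
    memset(&peer, 0, sizeof(peer));
    peer.sin_family = AF_INET;
    peer.sin_port = htons(port);
    if (inet_pton(AF_INET, dst, &peer.sin_addr) != 1)
        goto done;
    if (src != NULL) {
        memset(&local, 0, sizeof(local));
        local.sin_family = AF_INET;      /* sin_port 0: any local port */
        if (inet_pton(AF_INET, src, &local.sin_addr) != 1 ||
            bind(fd, (struct sockaddr *)&local, sizeof(local)) != 0)
            goto done;                   /* e.g. address not on this host */
    }
    /* connect() on UDP sends nothing; it only makes the kernel pick a source. */
    if (connect(fd, (struct sockaddr *)&peer, sizeof(peer)) == 0 &&
        getsockname(fd, (struct sockaddr *)&got, &len) == 0 &&
        inet_ntop(AF_INET, &got.sin_addr, out, outlen) != NULL)
        rc = 0;
done:
    close(fd);
    return rc;
}

int main(void)
{
    char buf[INET_ADDRSTRLEN];
    /* Constructed addresses: loopback stands in for the router's public IP. */
    if (source_addr_for(NULL, "127.0.0.1", 514, buf, sizeof(buf)) == 0)
        printf("kernel-chosen source: %s\n", buf);
    if (source_addr_for("127.0.0.1", "127.0.0.1", 514, buf, sizeof(buf)) == 0)
        printf("bound source:         %s\n", buf);
    return 0;
}
```

On a multi-homed host, passing NULL for src shows the address of the outgoing interface, while passing a configured local address shows that address regardless of the route taken.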