Date:      Tue, 15 Feb 2005 21:29:30 +0000
From:      Daniela <dgw@liwest.at>
To:        Jan Grant <Jan.Grant@bristol.ac.uk>
Cc:        questions@freebsd.org
Subject:   Re: How do I set the source address on a multi-homed host?
Message-ID:  <200502152129.31091.dgw@liwest.at>
In-Reply-To: <Pine.GSO.4.61.0502130930530.7366@mail.ilrt.bris.ac.uk>
References:  <200502112206.43267.dgw@liwest.at> <200502121505.20754.dgw@liwest.at> <Pine.GSO.4.61.0502130930530.7366@mail.ilrt.bris.ac.uk>

On Sunday 13 February 2005 09:37, Jan Grant wrote:
> On Sat, 12 Feb 2005, Daniela wrote:
> > Yes, this happens when I connect from my machine (which functions as a
> > router with NAT to allow the other LAN machines to connect to the internet)
> > to another LAN machine. When the router establishes a connection to
> > another point in the intranet, the source address used is my official IP,
> > and not 10.0.0.1, which is the intranet IP of the router.
> > In other words, I want the source address to be 10.0.0.1 on every
> > outgoing connection where the destination is inside my intranet.
>
> Assuming you haven't munged the internal IP address to hide it, and with
> all due deference to the FreeBSD "mechanism, not policy" mantra: no, you
> don't want to do this. The 10.0.0.0/8 block of addresses is explicitly
> for private use and is not routable on the internet.
>
> If your firewall is causing problems with this setup, you might need to
> re-examine your firewall settings.
>
> Having said that: technically, you specify source addresses for
> connections by calling bind(2) prior to calling connect(2). If you fail
> to do this, the operating system will select a source IP address for
> you. This'll often be the IP of the outgoing interface.

Well, if the OS selects the source IP, can't I just modify the code that 
selects it? Will this work all the time, or just when the application lets 
the OS select an address for it?

> Unless your particular application explicitly supports the selection of
> source addresses, you're mostly out of luck. For instance, ping(8)
> supports this (see the -S option).
>
> Cheers,
> jan
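
The bind(2)-before-connect(2) sequence described in the quoted reply, as an added C example that is not part of the original thread. `connect_from` and `source_seen_by_peer` are hypothetical helper names, and the loopback listener is constructed only so the source address the peer sees can be checked locally.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Connect to dst:port with src as the source address; returns fd or -1. */
int connect_from(const char *src, const char *dst, unsigned short port) {
    struct sockaddr_in local = {0}, remote = {0};
    int s = socket(AF_INET, SOCK_STREAM, 0);
    if (s < 0) return -1;
    local.sin_family = remote.sin_family = AF_INET;
    remote.sin_port = htons(port);  /* local.sin_port stays 0: ephemeral port */
    /* bind() fails (EADDRNOTAVAIL) when src is not configured on this host */
    if (inet_pton(AF_INET, src, &local.sin_addr) != 1 ||
        inet_pton(AF_INET, dst, &remote.sin_addr) != 1 ||
        bind(s, (struct sockaddr *)&local, sizeof local) < 0 ||
        connect(s, (struct sockaddr *)&remote, sizeof remote) < 0) {
        close(s);
        return -1;
    }
    return s;
}

/* Constructed check: a loopback listener reports the source address it saw. */
int source_seen_by_peer(const char *src, char *out, socklen_t outlen) {
    struct sockaddr_in a = { .sin_family = AF_INET }, peer;
    socklen_t len = sizeof a, plen = sizeof peer;
    int rc = -1, c = -1, fd = -1, l = socket(AF_INET, SOCK_STREAM, 0);
    if (l < 0) return -1;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* port 0: kernel assigns one */
    if (bind(l, (struct sockaddr *)&a, sizeof a) == 0 && listen(l, 1) == 0 &&
        getsockname(l, (struct sockaddr *)&a, &len) == 0 &&
        (c = connect_from(src, "127.0.0.1", ntohs(a.sin_port))) >= 0 &&
        (fd = accept(l, (struct sockaddr *)&peer, &plen)) >= 0 &&
        inet_ntop(AF_INET, &peer.sin_addr, out, outlen) != NULL)
        rc = 0;
    if (fd >= 0) close(fd);
    if (c >= 0) close(c);
    close(l);
    return rc;
}

int main(void) {
    char seen[INET_ADDRSTRLEN];
    if (source_seen_by_peer("127.0.0.1", seen, sizeof seen) != 0) return 1;
    printf("source address seen by peer: %s\n", seen);
    return 0;
}
```

On a multi-homed host, pass the interface address you want as `src`; an address that is not assigned to any local interface makes `bind()` fail, so `connect_from` returns -1 instead of silently falling back to the kernel's choice.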


