From: John Goerzen (jgoerzen_at_complete.org)
Date: Tue 03 Dec 2002 - 22:49:24 GMT
In article <20021203153204.dbfae2a56f4c_at_remtk.solucorp.qc.ca>, Jacques Gelinas wrote:
>> 1. The interfaces all have the broadcast and netmask of the first one.
> This will be fixed in 0.22 as explained in another message.
Excellent!
>> 2. All packets going out of the vserver have the source IP address
>> set to the first IPROOT address specified, regardless of which interface
>> they're going to.
>
> Yes, this is how it works. The vserver is forced to use the first IP in IPROOT
> to communicate. It is allowed to bind before connecting, but it must select
> one IP in its list.
When you say "it is allowed", do you mean "an application?"
> It would be possible for the kernel to select on IP in the IPROOT based on
> netmask and find the closest to the target address, so if you kind of bind
Hmm, isn't this how it normally works, using the routing tables? If so,
can't vserver just use that, and therefore just do the Right Thing?
For instance, on a machine with two ethernet interfaces, if I telnet to
192.168.1.1 it will set the source address on the packets to 192.168.1.2,
and if I telnet to 10.0.1.1, it will set the source address to 10.0.1.2.
There's nothing special that I have to do, nor the applications -- lynx,
mozilla, telnet, ftp, whatever -- they'll just get it right.
> This sounds like a valid enhancement. This would also solved the case where
> one vserver has two public IP and talks to different places using the two
> interface. Currently, it always uses the first IP unless told otherwise.
Exactly. This is precisely the situation I have; sorry if I've not
explained it well.
-- John