curl-library

Re: SO_BINDTODEVICE (was Re: CURLOPT_LOCALPORT option broken ?!)

From: Ben Greear <greearb_at_candelatech.com>
Date: Tue, 24 Feb 2009 09:46:49 -0800

Daniel Stenberg wrote:
> On Tue, 24 Feb 2009, koettermarkus_at_gmx.de wrote:
>
>> Subject: Behavior of SO_BINDTODEVICE
>> Date: Tuesday, November 11, 2008 - 6:09 am
>>
>> https://kerneltrap.org/mailarchive/linux-net/2008/11/11/4058724/thread
>> ( if you get ssl errors,
>> http://209.85.129.132/search?q=cache:ufmrJgCzFe0J:https://kerneltrap.org/mailarchive/linux-net/2008/11/11/4058724/thread
>> )
>>
>> "Well, first of all, the BINDTODEVICE is not intended to regulate the
>> source of response IP Addresses. It only regulates which Incoming TCP
>> Connections are accepted. IP Communication still is processed by the
>> IP FIB (Cache)." - Bernd Eckenfels
>
> This statement made me really curious. How would it restrict the bind to
> somehow only be for incoming data?
>
> I've snooped around in the code for Linux 2.6.28.6 just now and I cannot
> see that the above statement is exactly true. The *purpose* of that
> option may be to regulate what incoming data to accept, but given my
> (admittedly quick) glance over the code it is used for outgoing packets
> and thus it WILL have an effect even in our use case.
>
> Of course we could also just do some testing to see if this is the case
> or not... :-)

It forces packets sent on a bound socket to leave via the specified
interface, and it also influences the local IP used on outbound packets
(I'm not sure if it absolutely forces the source IP, as I also always
bind the source-IP in my application that uses this.)

It may influence rcvd packets as well...I haven't explicitly tested
that.

Thanks,
Ben

-- 
Ben Greear <greearb_at_candelatech.com>
Candela Technologies Inc  http://www.candelatech.com
Received on 2009-02-24