John Cronin wrote: > > > The Issue: > > > > > > There is a flaw in the TCP/IP stack, such that packets intended for > > > loopback and/or local network interfaces, routed via any other > > > interface, will be delivered EVEN IF THE MACHINE IS CONFIGURED NOT TO > > > BE A GATEWAY (note that in the case of packets destined for the > > > loopback interface, we consider this to be a fault no matter how the > > > host is configured - see RFC 1122 comments below). > > What about a virtual IP bound to the loopback interface, or a dummy > interface? This is precisely what many load balancing and high > availability failover clusters do, as previously mentioned. A virtual IP bound to the loopback interface is not in 127/8 and so would not be filtered. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ApacheCon 2001! http://ApacheCon.com/
- Re: Loopback and multi-homed routing flaw in TCP... Kurt Seifried
- Re: Loopback and multi-homed routing flaw in TCP/IP stack... Perry Harrington
- Re: Loopback and multi-homed routing flaw in TCP/IP ... ddowney
- Re: Loopback and multi-homed routing flaw in TCP... Perry Harrington
- Re: Loopback and multi-homed routing flaw in... Ben Laurie
- Re: Loopback and multi-homed routing fla... Perry Harrington
- Re: Loopback and multi-homed routin... Ben Laurie
- Re: Loopback and multi-homed routing flaw in... Dan Harkless
- Re: Loopback and multi-homed routing flaw in TCP/IP ... ddowney
- Re: Loopback and multi-homed routing flaw in TCP/IP ... John Cronin
- Re: Loopback and multi-homed routing flaw in TCP/IP stack... Neil W Rickert
- Re: Loopback and multi-homed routing flaw in TCP/IP ... Ben Laurie
- Re: Loopback and multi-homed routing flaw in TCP... David Litchfield
- Re: Loopback and multi-homed routing flaw in... Robert Collins
- Re: Loopback and multi-homed routing flaw in... Lincoln Yeoh
- Re: Loopback and multi-homed routing flaw in TCP/IP ... Lars Mathiesen
- Re: Loopback and multi-homed routing flaw in TCP/IP stack... Lothar Beta
- Re: Loopback and multi-homed routing flaw in TCP/IP ... David Damerell
- Re: Loopback and multi-homed routing flaw in TCP/IP stack... 3APA3A