On 19-Mar-05, 10:00 (CST), Matthias Urlichs <[EMAIL PROTECTED]> wrote:
>
> Umm, rp_filter is for rejecting packets whose *source* address is from the
> wrong network.
Right. I know this. But what Joel was originally talking about was
rejection of packets on interface A that are destined for an address on
interface B; Joel seemed to be claiming that if this didn't happen by
default, then the OS was a "toy"; I was pointing out that Linux itself
fails this.
> If you want to block accepting your own address as the *destination*, then
> no, there's no config parameter for that. Use iptables rules. :-/
And that's what we do. But some other OSs (Solaris) do support strict
multihoming with a config parameter, it would be nice if Linux did.
Steve
--
Steve Greenland
The irony is that Bill Gates claims to be making a stable operating
system and Linus Torvalds claims to be trying to take over the
world. -- seen on the net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
