Hi folks,

In the course of creating test cases for Clearview's ipnet observability feature, I've come across some cases where traffic can pass between zones that I did not expect. This occurs when you bind a local address 127.0.0.1, then connect or send to the IP address of another shared-stack zone (or the global zone) on the system.

This "succeeds" in both TCP and UDP cases. In the TCP case, traffic can flow both ways, but in the UDP case, from what I can tell, if the receiver attempts to reply to the message source, it will communicate with the loopback (127.0.0.1) interface local to that zone. So in effect, the listener is fooled into thinking the packet originated from inside the zone where the listener is running.

I'm interested in any opinions as to whether this is valid or desirable behavior.

Incidentally, IPv6 traffic from ::1 cannot cross zone boundaries this way.

-John

--
This message posted from opensolaris.org
networking-discuss mailing list
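An added example, not part of the original post: a check over observed flows that flags the pattern described above, a loopback source address paired with a non-loopback destination owned by a different zone. The record layout, zone names and addresses are constructed for illustration and are not ipnet output.

```python
import ipaddress

# Constructed address-to-zone map for a hypothetical shared-stack host.
ZONE_ADDRS = {
    "192.0.2.10": "global",
    "192.0.2.11": "zone-a",
    "192.0.2.12": "zone-b",
}

# Constructed flow records: (proto, sending zone, source addr, destination addr).
SAMPLE_FLOWS = [
    ("tcp", "zone-a", "127.0.0.1", "192.0.2.12"),   # loopback source, zone-b address
    ("udp", "zone-a", "127.0.0.1", "192.0.2.10"),   # loopback source, global zone address
    ("udp", "zone-a", "127.0.0.1", "127.0.0.1"),    # ordinary in-zone loopback
    ("tcp", "zone-a", "192.0.2.11", "192.0.2.12"),  # normal cross-zone traffic
    ("udp", "zone-b", "127.0.0.1", "192.0.2.12"),   # loopback source, own address
    ("tcp", "zone-a", "::1", "2001:db8::12"),       # IPv6 loopback source
]

def classify(flow, zone_addrs=ZONE_ADDRS):
    """Return a verdict string for one flow record."""
    _proto, src_zone, src, dst = flow
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    # Only a loopback source leaving the loopback range is of interest.
    if not src_ip.is_loopback or dst_ip.is_loopback:
        return "ok"
    dst_zone = zone_addrs.get(str(dst_ip))
    if dst_zone is None:
        return "loopback-source-unknown-destination"
    if dst_zone == src_zone:
        return "loopback-source-same-zone"
    # A receiver in dst_zone sees 127.0.0.1 and cannot tell the sender
    # was in another zone; a UDP reply would go to its own loopback.
    return "loopback-source-cross-zone"

def suspicious(flows, zone_addrs=ZONE_ADDRS):
    """Return (flow, verdict) pairs for every flow that is not 'ok'."""
    results = [(f, classify(f, zone_addrs)) for f in flows]
    return [(f, v) for f, v in results if v != "ok"]

if __name__ == "__main__":
    for flow, verdict in suspicious(SAMPLE_FLOWS):
        print(verdict, flow)
```
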
