As the morning comes, some of my thoughts got straight(er).

>> My understanding is that in order for L2 ethernet frames with payload to go
>> between two hosts, their L3 IP "addresses" must be in the same L3 "subnet" as
>> defined by network address bits and the mask size.

> That doesn't sound quite right.

Well, I do think now that I phrased it clumsily ;( It referred to the second case of the lookup algorithm you explained. Specifically the part where "destination address matches an IP subnet configured on some interface but is not a local address". This "matching" is the result of binary ANDing of the two host addresses with a subnet mask and comparing the resulting "network address" values. If they are the same, the two hosts are "on the same subnet".

The culprit I think is that "matching" in all the cases you described occurs with local IP addresses configured on *some* (any) local interface. In this sense the host's local addresses are somewhat involved in the process, but with no regard to one of them being the L3 packet's source address (as you reminded so many times ;) ).

However this matching interface is not necessarily used to push the packet onto the network. This kinda makes sense in ipmp, lacp and other cases of many-to-many interface-to-address relations, as well as for virtual interfaces (i.e. a public IP hosted on the loopback); but this seems flawed for one-to-one relations of an [aliased] interface and an IP address.

>> Yes - but only for an L3 router device ;)

> The differences between an L3 host and an L3 router are vanishingly
> small in real life. Plus, Solaris *is* a fully functional L3 routing system.

In fact, the differences exist (or I get them differently than you do, again ;} ). These differences are implemented in Solaris as interfaces ifconfig'ed with or without a ROUTER flag, as ndd keywords like ip_forwarding and so on. So while Solaris is indeed an L3 OS, it does behave differently when it's configured as a mere host or as a router/forwarder. And that's a good thing (availability of choice as well as configuration methods).

Semantically, an L3 host is a host with an L3 (IP) address assigned. This host is only responsible for processing IP addresses assigned to some of its interfaces.
An L3 router is a host also responsible for processing IP addresses not assigned to one of its interfaces (i.e. forwarding other hosts' packets between its physical or aliased interfaces).

I think most of this discussion with the idea that the source IP address should be used in selection of a source L2 interface and the intermediate gateway (from the same IP subnet as the source IP address) is most relevant in the "L3 host" use case.

Perhaps this "src interface" addition to the address lookup algorithm should be enabled by another ndd keyword (dladm keyword, whatever). After all the QA cycles this keyword may become enabled by default :)

It is my belief that an L3 host as a more "mass product" should work out of the box with minimal configuration for the most common scenarios, at least by default ;) L3 routers are usually more thoroughly and specifically configured for their task, they may have advanced routing daemons and firewall tricks, which allow the administrator to enforce the choices he deems correct.

> Nobody at Sun thinks it's perfect, either. ... That's being fixed now.

May I put these on a wall someday? Since some CR's are dated in the 1990's, this quote should hang someplace near Mozilla's "three-year-old new bug" ;}

//Jim
--
This message posted from opensolaris.org
_______________________________________________
networking-discuss mailing list
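
The lookup behaviour discussed in the message above, as an added example that is not part of the original post and is not Solaris code. It is a simplified IPv4-only model: the interface names, addresses, gateways and function names are constructed for illustration, and "first default route wins" is an assumption standing in for the real route selection.

```python
import ipaddress

# Constructed sample host: two interfaces, one default gateway per subnet.
INTERFACES = {
    "net0": ipaddress.ip_interface("192.0.2.10/24"),
    "net1": ipaddress.ip_interface("198.51.100.10/24"),
}
DEFAULT_GATEWAYS = [ipaddress.ip_address("192.0.2.1"),
                    ipaddress.ip_address("198.51.100.1")]

def same_subnet(a, b, prefixlen):
    """AND both addresses with the mask and compare the network addresses."""
    mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF
    return (int(a) & mask) == (int(b) & mask)

def matching_interface(addr):
    """First interface whose configured subnet contains addr, else None."""
    for name, ifc in INTERFACES.items():
        if same_subnet(ifc.ip, addr, ifc.network.prefixlen):
            return name
    return None

def lookup_dst_only(dst):
    """Destination-only lookup: the packet's source address plays no part."""
    dst = ipaddress.ip_address(dst)
    name = matching_interface(dst)
    if name:                      # on-link destination: deliver directly
        return name, dst
    gw = DEFAULT_GATEWAYS[0]      # off-link: assumed "first default route wins"
    return matching_interface(gw), gw

def lookup_src_aware(src, dst):
    """Proposed variant: for off-link traffic, use the gateway that shares a
    subnet with the source address and leave via that address's interface."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    name = matching_interface(dst)
    if name:
        return name, dst
    for name, ifc in INTERFACES.items():
        if ifc.ip == src:
            for gw in DEFAULT_GATEWAYS:
                if same_subnet(src, gw, ifc.network.prefixlen):
                    return name, gw
    return lookup_dst_only(dst)   # src is not a local address: fall back

if __name__ == "__main__":
    print(lookup_dst_only("203.0.113.5"))
    print(lookup_src_aware("198.51.100.10", "203.0.113.5"))
```

With a source of 198.51.100.10, the destination-only lookup still leaves through net0 via 192.0.2.1, while the source-aware variant leaves through net1 via 198.51.100.1.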
