On Fri, Dec 13, 2019 at 10:02 AM Victor Sudakov <[email protected]> wrote:
> But then, what is the real difference betwttn if-bound and global? > My understanding is that the difference applies when you have multiple paths to the same destination. For example, suppose you have a hardwired ethernet connection on em0, and you also have a wireless connection on iwn0, and you freely switch back and forth between them but use the same IP address on both. With if-bound states, switching from one interface to another would require you to restart all your already-in-progress sessions in order to re-establish states on the new interface. With floating states, a state established on one interface could be used directly if packets for that connection suddenly start appearing on a different interface. (this is a bad example, I know, because ARP issues would make it hard for an IP to float back and forth transparently, but a more proper example is harder to explain). It is a more useful setting on a router in a mesh network, where packets you're forwarding might move between different interfaces, as their path through the network is adjusted due to congestion or whatever. On an endpoint it's not particularly useful unless you want to allow sessions to migrate between different interfaces (all using the same IP address), which is a somewhat rare use case and one you would normally use trunk interfaces to support, rather than floating states. -ken
