5 Feb
2019
5 Feb
'19
11:14 p.m.
On Tue, Feb 05, 2019 at 11:01:23AM -0700, Grant Taylor via TUHS wrote:
Multi-homed IPv4 hosts (all that I've tested) usually allow traffic to a
local IP to come in on any interface, even if it's not the interface
that the IPv4 address is bound to.
Take the following host:
+---+ +-----------------+ +---+
| A +---+ eth0 B eth1 +---+ C |
+---+ +-----------------+ +---+
Even if B has IPv4 forwarding disabled, A will very likely be able to
talk to B via the IPv4 address bound to eth1. Likewise C can talk to B
using the IPv4 address bound to eth0.
This is generally referred to as the weak host model (or End System),
as opposed to the strong host model. See RFC 1122, sect 3.3.4.2.
My understanding is that IPv6 changes this paredigm to
be explicitly the
opposite. If B has IPv6 forwarding disabled, A can't talk to B via the
IPv6 address bound to eth1. Nor can C talk to B via the IPv6 address
bound to eth0.
That is not my understanding. Either protocol can use either model in
a given system. In theory it could even differ depending upon configurations.
Most systems I've worked on have used the weak model, but that is largely,
because they were routers, and looked up destinations in a FIB (or RIB)
before (or as well as) considering interface addresses.
Some OS's I've used followed the weak scheme, some followed the strong
scheme.
The following suggests that Linux defaults to weak, and that BSDs
default to strong; I've never tested that BSD case, but from memory
OSX (xnu) defaults to weak.
https://unix.stackexchange.com/questions/258810/linux-source-routing-strong…
DF