Strong-end vs weak-end host model

From: Pau Garcia i Quiles
Date: Thu Jan 28 2010 - 06:45:42 EST


By default the TCP/IP stack in Linux has a weak-end [1] behavior,
which is causing a lot of trouble for me in a very specific but widely
used scenario here at work. Is it possible to make it strong-end
*without* bridging interfaces? (which is the only way I've found,

[1] in case of server multihomed …
“strong-end model” = refers to the kernel that
accepts packets on an interface only if DST_IP is
equal to the IP of the interface
“weak-end model” = refer to the kernel that
accepts packets only if DST_IP is equal to the IP of
any interface of the server

(see slide 12 in

AFAIK this is possible on Windows since Vista. For now I'm solving the
issue by making sure all the network libraries and applications make
use of SO_BINDTODEVICE but it's a PITA.

Thank you.

Pau Garcia i Quiles
(Due to my workload, I may need 10 days to answer)
