Re: Strong-end vs weak-end host model

From: Pascal Hambourg
Date: Thu Jan 28 2010 - 07:04:33 EST


Pau Garcia i Quiles a écrit :
> By default the TCP/IP stack in Linux has a weak-end [1] behavior,
> which is causing a lot of trouble for me in a very specific but widely
> used scenario here at work. Is it possible to make it strong-end
> *without* bridging interfaces? (which is the only way I've found,
> here:
> )

Huh ? What does bridging have to do with the host model ?

1) Use iptables filtering rules based on the source/destination address.
2) If ARP is an issue (should not be for a simple multihomed host), tune
the sysctls net.ipv4.conf.*.arp_{filter,announce,ignore}.
