kernel for 1.2
Bruce writes:
> IP forwarding is already a run-time parameter. It automatically starts
> working when you have two IP interfaces.
However, according to RFC1122 (Host Requirements, Communication
Layers), the IP forwarding code MUST be disabled by default. See the
extracts below.
It is OK for it to be compiled in, but there MUST be a separate switch
to turn it on. Having IP forwarding automatically enabled when
multiple interfaces are configured is NOT acceptable. See in
particular the sentence:
The host software MUST NOT automatically move into gateway
mode if the host has more than one interface, [...]
Thanks,
Ian.
3. INTERNET LAYER PROTOCOLS
3.1 INTRODUCTION
...
A host is said to be multihomed if it has multiple IP addresses.
Multihoming introduces considerable confusion and complexity into
the protocol suite, and it is an area in which the Internet
architecture falls seriously short of solving all problems. There
are two distinct problem areas in multihoming:
(1) Local multihoming -- the host itself is multihomed; or
(2) Remote multihoming -- the local host needs to communicate
with a remote multihomed host.
At present, remote multihoming MUST be handled at the application
layer, as discussed in the companion RFC [INTRO:1]. A host MAY
support local multihoming, which is discussed in this document,
and in particular in Section 3.3.4.
Any host that forwards datagrams generated by another host is
acting as a gateway and MUST also meet the specifications laid out
in the gateway requirements RFC [INTRO:2]. An Internet host that
includes embedded gateway code MUST have a configuration switch to
disable the gateway function, and this switch MUST default to the
non-gateway mode. In this mode, a datagram arriving through one
interface will not be forwarded to another host or gateway (unless
it is source-routed), regardless of whether the host is single-
homed or multihomed. The host software MUST NOT automatically
move into gateway mode if the host has more than one interface, as
the operator of the machine may neither want to provide that
service nor be competent to do so.
...
--
Ian Jackson, at home. ian@chiark.greenend.org.uk + 44 1223 3 31579
General: ijackson@chiark.greenend.org.uk Permanent: ijackson@gnu.ai.mit.edu
Churchill College, Cambridge, CB3 0DS. http://www.cl.cam.ac.uk/users/iwj10/
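
An added example, not part of the original message: a small shell check for the RFC 1122 rule quoted above on a present-day Linux host. It reads the global IPv4 forwarding switch at /proc/sys/net/ipv4/ip_forward and, as an assumption made for this example, treats each non-loopback entry under /sys/class/net as one interface; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: report whether a Linux host is acting as a gateway.
# The roots are parameters so the check can also be run against a
# constructed directory tree; the defaults are the live kernel views.

# forwarding_state [PROC_ROOT] -> prints 0 or 1 (global IPv4 forwarding)
forwarding_state() {
    cat "${1:-/proc}/sys/net/ipv4/ip_forward" 2>/dev/null
}

# count_interfaces [SYS_ROOT] -> prints the number of non-loopback interfaces
# (assumption: one entry under class/net per interface)
count_interfaces() {
    n=0
    for d in "${1:-/sys}"/class/net/*; do
        [ -e "$d" ] || continue            # glob matched nothing
        [ "${d##*/}" = "lo" ] && continue  # loopback does not count
        n=$((n + 1))
    done
    echo "$n"
}

# audit [PROC_ROOT] [SYS_ROOT]
# Returns 0 when forwarding is off (the non-gateway mode RFC 1122 requires
# as the default), 1 when it is on, 2 when the switch cannot be read.
# The check cannot tell a deliberate setting from an automatic one, so a
# non-zero result is something for the operator to confirm.
audit() {
    proc_root="${1:-/proc}"
    sys_root="${2:-/sys}"
    fwd=$(forwarding_state "$proc_root") || {
        echo "unknown: cannot read ip_forward"
        return 2
    }
    ifs=$(count_interfaces "$sys_root")
    if [ "$fwd" = "0" ]; then
        echo "ok: forwarding disabled ($ifs interfaces)"
        return 0
    fi
    if [ "$ifs" -gt 1 ]; then
        echo "gateway: forwarding enabled on multihomed host ($ifs interfaces)"
    else
        echo "gateway: forwarding enabled ($ifs interfaces)"
    fi
    return 1
}
```

Calling `audit` with no arguments checks the running system; setting the switch back to 0 (for example with `sysctl -w net.ipv4.ip_forward=0`) returns the host to non-gateway mode.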