IP forwarding
Christoph Lameter wrote [SuperCite undone - iwj]:
> On Tue, 29 Oct 1996, Ian Jackson wrote:
> >However, according to RFC1122 (Host Requirements, Communication
> >Layers), the IP forwarding code MUST be disabled by default. See the
> >extracts below.
> >
> >It is OK for it to be compiled in, but there MUST be a separate switch
> >to turn it on. Having IP forwarding automatically enabled when
> >multiple interfaces are configured is NOT acceptable. See in
> >particular the sentence:
> >
> > The host software MUST NOT automatically move into gateway
> > mode if the host has more than one interface, [...]
>
> The current setup does require the user to manually setup the second
> interface (in /etc/init.d/network). There is no way to automatically
> configure a secondary network card to my knowledge.
>
> Thus it requires user intervention to enable forwarding.
I'm sorry, you seem to have missed or failed to understand the
important text, so I shall quote it again:
The host software MUST NOT automatically move into gateway
mode if the host has more than one interface, [...]
Ie the fact that the user asked for another interface (supposing even
that they had to do this explicitly, which as has been pointed out may
not be the case) MUST NOT be sufficient to enable IP forwarding. Some
OTHER action must be taken.
Ie IP FORWARDING MUST BE OFF BY DEFAULT.
If you think that that sentence from RFC1122 means something else I'd
be grateful if you'd explain to us what you think it means and why you
think it means that rather than the thing that I think it means.
Excuse me for shouting, but there really is absolutely no choice here.
Ian.
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com
Reply to: