First, Your return key is broken, please fix that ;)


On Tue, Mar 14, 2023 at 07:51:44PM +0100, krystof@ibse.cz wrote:
> Hello everyone,
> I have a question about network stack configuration in Linux. Lets assume a Linux host with multiple network interfaces, a different ip address is set on each interface (for example eth0: 192.168.0.1/24 and eth1: 192.168.1.1/24) and forwarding is disabled. When another host in the network 192.168.0.0/24 sets a default route to this host and ping to 192.168.1.1, it will get a reply. Is there any way to prevent this behavior - meaning the first host replies only to traffic with destination address set on input interface and not all addresses set on the host? Something like rp_filter but for destination addresses? Or is the only way to set up a firewall with input interfaces and destination addresses in every rule?
> 

This is indeed not right.
Please try to ping any other host on the 192.168.1.0/24 network from
192.168.0.0/24 network. This might be just the case that the host with the
two interfaces replies on any interface independent of the network.


-H

-- 
Henning Follmann           | hfollmann@itcfollmann.com

Reply to:

Follow-Ups:
- Re: Network stack setup
  - From: krystof@ibse.cz

References:
- Network stack setup
  - From: krystof@ibse.cz

Prev by Date: Re: PDF on debian
Next by Date: Re: Network stack setup
Previous by thread: Network stack setup
Next by thread: Re: Network stack setup
Index(es):
- Date
- Thread

Re: Network stack setup