controlling source IP on connections

Joseph L. Casale jcasale at activenetwerx.com
Tue Jun 14 16:48:01 UTC 2011


>Thanks for any help or pointers.  Or if it just can't be done, it would
>be nice to know that as well.

My suggestion is learn to work with the toolset as designed. With the
exception of client-to-client/lan-to-lan, any connections from the box
with the p-t-p connection instantiated on it originates connections via
this interface.

So, use a ccd and client confs to force a known ip on the server, then
mitigate the connections as you now can reliably expect them. For example,
if you are not expecting the lan behind the client to have connectivity,
you know exactly what connections to allow. If you are, you now have two
case to account for, not much more complicated etc...

There are some apps/utils (rsyncd --address etc) that allow an interface choice,
but my experience is it's a lot more easier to work as I suggest and cover all
cases reliably and as expected.

jlc


More information about the users mailing list