
[reSIProcate-users] source address and source port for outgoing TCP



I noticed that when making outgoing TCP connections, the stack has not
been binding the client socket to the transport's address.

If the transport's address is 0.0.0.0, this doesn't really matter: the
kernel IP stack should be free to choose the source address for the TCP
connection based on the specified destination IP.

However, if the transport has been configured with a specific IP to bind
for incoming connections then I feel there is a strong case for it to
use that IP for any outgoing TCP connections; in many cases the
administrator will have specified a bind IP with this in mind.

Some people may also want to use the transport's port number as the
source port for outgoing TCP connections.

The more important point is the IP address, because sometimes people use
IP-based ACLs or they want to host several instances of a process on a
single box with different virtual IPs.  The source port probably only
matters when the ACLs or firewalls are configured in a very restrictive
manner and far fewer people would be in that situation.  The Asterisk
host= option in sip.conf is one example of an IP ACL mechanism that
cares about source IP.

Therefore, I have committed a change that causes the transport IP to be
used; the source port number continues to be selected randomly.

I suspect some people may have achieved similar behavior in their own
applications by using the AfterSocketCreationFuncPtr callback
mechanism.  The bind man page suggests that bind can only be used on a
socket that does not already have an address assigned, so calling bind()
again from mSocketFunc may now return EINVAL.

This change will appear in v1.9 but will not be backported to the v1.8
branch.

Does anybody have any concerns about this?

The bind() call is being made before calling mSocketFunc - would anybody
prefer to see it call bind after mSocketFunc?

If people do really want to call bind from a custom socket func then I
could also tweak the code to suppress the bind() call (for example, if
the transport is using 0.0.0.0 or if some other config option is set).
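
The behavior discussed above, as an added example that is not part of the original post and is not reSIProcate code: a client socket is bound to a chosen source IP with port 0 before connect(), and a second bind() of the kind a custom socket callback might attempt fails with EINVAL. It assumes a POSIX system with a loopback interface; the loopback listener stands in for a remote peer, and `make_addr` and `demo_source_bind` are hypothetical names.

```c
/* Added illustration, not reSIProcate code; all names here are hypothetical. */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Build an IPv4 socket address for ip:port (port given in host byte order). */
static struct sockaddr_in make_addr(const char *ip, unsigned short port) {
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    inet_pton(AF_INET, ip, &a.sin_addr);
    return a;
}

/* Connect to a loopback listener from src_ip with a kernel-chosen source port.
 * Returns 0 if the peer sees src_ip and a second bind() fails with EINVAL,
 * 1 on source mismatch, 2 if the second bind() behaved otherwise, -1 on setup error. */
int demo_source_bind(const char *src_ip) {
    struct sockaddr_in srv = make_addr("127.0.0.1", 0), src = make_addr(src_ip, 0), peer;
    socklen_t len = sizeof srv, plen = sizeof peer;
    int rc = -1, conn = -1, second;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    int cfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0 || cfd < 0) goto out;
    if (bind(lfd, (struct sockaddr *)&srv, sizeof srv) || listen(lfd, 1) ||
        getsockname(lfd, (struct sockaddr *)&srv, &len)) goto out;
    /* Fix the source IP; port 0 leaves the source port to the kernel. */
    if (bind(cfd, (struct sockaddr *)&src, sizeof src)) goto out;
    /* A later bind() on the already-bound socket, as a custom callback might try. */
    second = (bind(cfd, (struct sockaddr *)&src, sizeof src) == -1 && errno == EINVAL);
    if (connect(cfd, (struct sockaddr *)&srv, sizeof srv)) goto out;
    if ((conn = accept(lfd, (struct sockaddr *)&peer, &plen)) < 0) goto out;
    if (peer.sin_addr.s_addr != src.sin_addr.s_addr) rc = 1; else rc = second ? 0 : 2;
out:
    if (conn >= 0) close(conn);
    if (lfd >= 0) close(lfd);
    if (cfd >= 0) close(cfd);
    return rc;
}

int main(void) {
    printf("demo_source_bind: %d\n", demo_source_bind("127.0.0.1"));
    return 0;
}
```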