On Mon, 20 Sep 2010, Chuck Lever wrote: > > On Sep 17, 2010, at 6:22 PM, Jan RÄkorajski wrote: > [snip] > > > > What about TCP then? My patch was a by-product of trying to make '-h <IP>' > > also work for tcp sockets, so if we skip unbindable addresses for UDP, > > then will it be ok to do the same for TCP? > > Interesting. Now that I've actually looked at the documentation >> > blush << rpcbind(8) explicitly says that "-h" is only for UDP. I seem > to recall that the legacy portmapper had a problem on multi-homed > hosts where a request was received on one interface, and the reply was > sent out another. > > This is certainly a problem for datagram transports, but shouldn't be > an issue for connection-oriented transports: the reply is always sent > on the same connection as the request was received. > > Can you say a little more about why do you need "-h" to work for > connection-oriented sockets? I have a multihomed nfs server, and I don't want the portmapper to even listen on an outside interface. Second thing is a host for vservers (http://linux-vserver.org), I need to run portmapper in guests but rpcbind listening on INADDR_ANY is not letting me. And finally it's good to be consistent, it's strange to me that someone may want to limit only the UDP part of portmapper (modulo network issues you mentioned). -- Jan RÄkorajski | ALL SUSPECTS ARE GUILTY. PERIOD! baggins<at>mimuw.edu.pl | OTHERWISE THEY WOULDN'T BE SUSPECTS, WOULD THEY? BOFH, MANIAC | -- TROOPS by Kevin Rubio -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
