Source IP incorrect on multi homed systems

Sebastian Hyrvall sh at keff.org
Sun Feb 19 18:08:44 UTC 2023


It is the default behavior of the kernel. But all networking software 
dealing in security knows how to correctly behave. You are welcome to 
inform me of something else suffering the same problem.

On 2023-02-20 01:04, Janne Johansson wrote:
> On Sun, 19 Feb 2023 at 18:06, Sebastian Hyrvall <sh at keff.org> wrote:
>> You should get into that debate. Proposing firewall workarounds is not a
>> correct solution so please don't do it. It needs to be fixed. It's an
>> immature VPN solution that always just proposed a workaround instead of
>> fixing the problem.
> I would make sure that you are not mis-ascribing the problem* to "an
> immature VPN" and not what the default UDP behaviour of the kernel is,
> to pick a working interface to send packets from based on the routing
> table, in which any/all udp based tunnel would suffer the same
> problem. If you google it, you may find that other udp transports face
> the same "problem".
>
> *) https://en.wiktionary.org/wiki/Chesterton%27s_fence
>
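
Added example, not part of the thread or of WireGuard's code: the kernel default described in the quoted reply, next to one way a Linux UDP service can pin its reply to the address the request arrived on, using `IP_PKTINFO`. It assumes Linux with loopback up; `127.0.0.2` is a constructed stand-in for a second local address and `reply_source` is a hypothetical helper name.

```c
#define _GNU_SOURCE             /* struct in_pktinfo (Linux/glibc) */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* Echo one datagram over loopback; return the source address (host order) the
 * client sees on the reply, 0 on error. pin=0: kernel picks the source from the
 * routing table. pin=1: IP_PKTINFO pins it to the address the request targeted. */
unsigned reply_source(int pin)
{
    int srv = socket(AF_INET, SOCK_DGRAM, 0), cli = socket(AF_INET, SOCK_DGRAM, 0), on = 1;
    unsigned seen = 0;
    struct sockaddr_in any = { .sin_family = AF_INET }, dst, peer, from;
    socklen_t len = sizeof(dst);
    struct timeval tv = { .tv_sec = 2 };
    char buf[16];
    union { char b[CMSG_SPACE(sizeof(struct in_pktinfo))]; struct cmsghdr align; } cb;
    struct iovec iov = { buf, sizeof(buf) };
    struct msghdr m = { .msg_name = &peer, .msg_namelen = sizeof(peer), .msg_iov = &iov,
                        .msg_iovlen = 1, .msg_control = cb.b, .msg_controllen = sizeof(cb.b) };

    setsockopt(srv, IPPROTO_IP, IP_PKTINFO, &on, sizeof(on));  /* report dst address */
    setsockopt(srv, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
    setsockopt(cli, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof(tv));
    bind(srv, (struct sockaddr *)&any, sizeof(any));           /* wildcard, ephemeral port */
    getsockname(srv, (struct sockaddr *)&dst, &len);
    dst.sin_addr.s_addr = inet_addr("127.0.0.2");              /* constructed second address */
    sendto(cli, "ping", 4, 0, (struct sockaddr *)&dst, sizeof(dst));
    ssize_t n = recvmsg(srv, &m, 0);
    struct cmsghdr *c = n < 0 ? NULL : CMSG_FIRSTHDR(&m);
    if (c && c->cmsg_level == IPPROTO_IP && c->cmsg_type == IP_PKTINFO) {
        struct in_pktinfo *pi = (struct in_pktinfo *)CMSG_DATA(c);
        if (pin) { pi->ipi_spec_dst = pi->ipi_addr; pi->ipi_ifindex = 0; }
        else     { m.msg_control = NULL; m.msg_controllen = 0; }
        iov.iov_len = (size_t)n;                               /* echo the request back */
        if (sendmsg(srv, &m, 0) >= 0 &&
            recvfrom(cli, buf, sizeof(buf), 0, (struct sockaddr *)&from, &len) >= 0)
            seen = ntohl(from.sin_addr.s_addr);
    }
    close(srv); close(cli);
    return seen;
}

int main(void)
{
    printf("default: %#x  pinned: %#x\n", reply_source(0), reply_source(1));
}
```

A client that only accepts replies from the address it sent to (a connected UDP socket, or a stateful firewall in the path) would drop the unpinned reply.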
