[TUHS] IP weak/strong host model (was Re: OSI stack (Was: Posters))

Derek Fawcus dfawcus+lists-tuhs at employees.org
Wed Feb 6 08:14:22 AEST 2019


On Tue, Feb 05, 2019 at 11:01:23AM -0700, Grant Taylor via TUHS wrote:
> 
> Multi-homed IPv4 hosts (all that I've tested) usually allow traffic to a 
> local IP to come in on any interface, even if it's not the interface 
> that the IPv4 address is bound to.
> 
> Take the following host:
> 
> +---+   +-----------------+   +---+
> | A +---+ eth0   B   eth1 +---+ C |
> +---+   +-----------------+   +---+
> 
> Even if B has IPv4 forwarding disabled, A will very likely be able to 
> talk to B via the IPv4 address bound to eth1.  Likewise C can talk to B 
> using the IPv4 address bound to eth0.

This is generally referred to as the weak host model (or End System),
as opposed to the strong host model.  See RFC 1122, sect 3.3.4.2.

> My understanding is that IPv6 changes this paredigm to be explicitly the 
> opposite.  If B has IPv6 forwarding disabled, A can't talk to B via the 
> IPv6 address bound to eth1.  Nor can C talk to B via the IPv6 address 
> bound to eth0.

That is not my understanding.  Either protocol can use either model in
a given system.  In theory it could even differ depending upon configurations.

Most systems I've worked on have used the weak model, but that is largely,
because they were routers, and looked up destinations in a FIB (or RIB)
before (or as well as) considering interface addresses.

Some OS's I've used followed the weak scheme, some followed the strong
scheme.

The following suggests that Linux defaults to weak, and that BSDs
default to strong; I've never tested that BSD case, but from memory
OSX (xnu) defaults to weak.

https://unix.stackexchange.com/questions/258810/linux-source-routing-strong-end-system-model-strong-host-model

DF


More information about the TUHS mailing list