From nobody Thu Feb 16 22:12:34 2023 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PHq1y1ycdz3qPtv for ; Thu, 16 Feb 2023 22:12:38 +0000 (UTC) (envelope-from johnl@iecc.com) Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "gal.iecc.com", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PHq1x2kv1z4DYp for ; Thu, 16 Feb 2023 22:12:37 +0000 (UTC) (envelope-from johnl@iecc.com) Authentication-Results: mx1.freebsd.org; none Received: (qmail 5644 invoked from network); 16 Feb 2023 22:12:35 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=1608.63eeaa53.k2302; bh=rmywXp1WeKOfuK9s7w3Zx0RP7ajAZWT4GHYpAaNCzQU=; b=Pz4pY4N02mIDqFe41jqRha4WcIczajcxo7skM3dQsS63osbnC3GVnYcKsBWs55xDRz+FZa4x1WxlbMcm87C2M4UTbwcrXBJFK+vfKt/KS4gwGsVlAugzMOS24twm9JB6fpZYVmTsic9ol3/34MUXxHgKXMWsyy4QhDJZp8ZbYJtSRtAX/d2iKYIU0uLisIPwSqZRj4S/QuWAOpHI/0wYpB/xUsI0wpM3WsyxO3VCBL8sEHnD6c8M1TPvZCmwU53qEs6Ro+blzFYAQsUpiYtdW4Vn2Ayfh7mNJl0Njmq8N0bcKEhNpb2E0X2DakYopzJOMaghWpExBwFGNTCU+Ps4Zg== Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 16 Feb 2023 22:12:35 -0000 Received: by ary.qy (Postfix, from userid 501) id 7C6999986157; Thu, 16 Feb 2023 17:12:34 -0500 (EST) Date: 16 Feb 2023 17:12:34 -0500 Message-Id: <20230216221234.7C6999986157@ary.qy> From: "John Levine" To: freebsd-questions@freebsd.org Cc: paul@gromit.dlib.vt.edu Subject: Re: Source IP selection In-Reply-To: Organization: Taughannock Networks X-Headerized: yes Cleverness: minimal List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org Mime-Version: 1.0 Content-type: text/plain; charset=utf-8 Content-transfer-encoding: 8bit X-Rspamd-Queue-Id: 4PHq1x2kv1z4DYp X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6939, ipnet:2001:470::/32, country:US] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-ThisMailContainsUnwantedMimeParts: N It appears that Paul Mather said: >> My VPS provider (Linode) gave me a secondary address so my two nodes >> can talk to each other without accruing charges. Note that: >> >> - it really is an alias on the same interface, *not* a VLAN >> >> - it is not a publicly routable address (192.168.) While the advice about setting addresses in unbound was good, my advice would be "don't do that." Depending on IPs on the same interface to be routed differently will just cause endless pain. Linode says you can set up a VLAN for free. Why not do that, and put the shortcut on a separate interface? Then everything should work without any funny configuration.