This is a discussion on Re: UDP server on multihomed host; client behind packet filter within the IPFilter forums, part of the System Security and Security Related category.
>Noted. (I read an abstract version of that statement in RFC1122.)
>However, even with a reply datagram from the request's specific
>destination IP address, there's no way to send a reply from the
>expected port, so this would still fail the filter state check.

The expected port is always right as long as you use the same socket to send with as you received with; it's the address that might not be right.

>As an example, suppose I have some program spawned from inetd (bound
>to INADDR_ANY) as dgram/wait. Either I could use the existing
>socket with dgrams sourced from the right port with the potentially
>wrong address (whatever the primary address on the interface is),
>or I could create a new socket, bind it to the request's destination
>address, and send with whatever ephemeral port the OS assigns. An
>attempt to bind to the original service port would fail w/ EADDRINUSE.

What you need to do is set the IP_RECVDSTADDR option and receive the address used by the other side in the control message (in Solaris this means you have to use "xnet" sockets).

Casper
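
The receive side of the approach described in the reply above, as an added example that is not part of the original post: a `recvfrom()` replacement that also returns the local address the request was sent to, read from the control message. The helper names are hypothetical, and the `#else` branch is an assumption for Linux, which has no `IP_RECVDSTADDR` and delivers the same information through `IP_PKTINFO`.

```c
#define _GNU_SOURCE            /* glibc: exposes struct in_pktinfo */
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#ifdef IP_RECVDSTADDR          /* BSD, Solaris: the option named in the post */
#define DSTADDR_OPT IP_RECVDSTADDR
#else                          /* assumption: Linux, which offers IP_PKTINFO instead */
#define DSTADDR_OPT IP_PKTINFO
#endif

/* Ask the kernel to attach each datagram's destination address as ancillary data. */
static int enable_dstaddr(int fd) {
    int on = 1;
    return setsockopt(fd, IPPROTO_IP, DSTADDR_OPT, &on, sizeof on);
}

/* Pull the destination address out of a received msghdr; returns 1 if present, else 0. */
static int dst_from_msg(struct msghdr *msg, struct in_addr *dst) {
    for (struct cmsghdr *c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c)) {
        if (c->cmsg_level != IPPROTO_IP || c->cmsg_type != DSTADDR_OPT) continue;
#ifdef IP_RECVDSTADDR
        memcpy(dst, CMSG_DATA(c), sizeof *dst);
#else
        struct in_pktinfo pi;
        memcpy(&pi, CMSG_DATA(c), sizeof pi);
        *dst = pi.ipi_addr;      /* destination address from the IP header */
#endif
        return 1;
    }
    return 0;
}

/* recvfrom() replacement: also reports which local address the request was sent to.
   Returns the payload length, or -1 on error or if no destination address was delivered. */
static ssize_t recv_with_dst(int fd, void *buf, size_t len,
                             struct sockaddr_in *from, struct in_addr *dst) {
    union { struct cmsghdr align; char space[128]; } ctl;
    struct iovec iov = { buf, len };
    struct msghdr msg;
    memset(&msg, 0, sizeof msg);
    msg.msg_name = from;          msg.msg_namelen = sizeof *from;
    msg.msg_iov = &iov;           msg.msg_iovlen = 1;
    msg.msg_control = ctl.space;  msg.msg_controllen = sizeof ctl.space;
    ssize_t n = recvmsg(fd, &msg, 0);
    return (n >= 0 && dst_from_msg(&msg, dst)) ? n : -1;
}
```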