27

The target machine running the python application will have three network interfaces available to it. In general all three networks will be vastly different, however there is a possibility that two of the three could be on similar networks.

In the example below I do not have control over the destination address on ETH 2 (as it a pre-configured system), so I forced into selecting what adapter to use programmaticly.

I am fairly sure that this will fall on how the OS works with routing the connections. My hope is that there will be a platform independent way to solve the issue using python, because there is a possibility that this application will need to run on Windows 7 as well as a Linux machine.

Example Code 

import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('192.168.0.2', 8000)) # Which device will this connect to??

Normal Case

  • ETH 0 Source: 192.168.0.1
  • ETH 0 Destination: 192.168.0.2
  • ETH 1 Source: 10.20.30.1
  • ETH 1 Destination: 10.20.30.2
  • ETH 2 Source: 60.50.40.1
  • ETH 2 Destination: 60.50.40.1

Possible Trouble Case

  • ETH 0 Source: 192.168.0.1
  • ETH 0 Destination: 192.168.0.2
  • ETH 1 Source: 10.20.30.1
  • ETH 1 Destination: 10.20.30.2
  • ETH 2 Source: 192.168.0.3
  • ETH 2 Destination: 192.168.0.2

Additional Information
Adapters ETH0,1,and 2 are all connected to different physical netoworks

Adam Lewis
  • 7,017
  • 7
  • 44
  • 62
  • What type of socket are we talking about? Are your two 192.168.0.x meant to be the same network or two different networks using the same RFC1918 address space? – themel Dec 08 '11 at 21:14
  • @themel: I have not done much socket programming that was far from the 'happy path', so I am afraid I don't understand your first question. Check out my edit for your 2nd question. – Adam Lewis Dec 08 '11 at 21:21

3 Answers3

26

I can't speak much for Windows, but on Linux the interface is normally not chosen until a routing decision is made, therefore you usually don't have a say on which interface your packets leave.

You do have the option though, of using SO_BINDTODEVICE (see man 7 socket) on Linux. This binds a socket to a device, however, only root can set this option on a socket.

Just checked, and the python socket library doesn't have SO_BINDTODEVICE defined, but you get it from socket.h:

# from socket.h
# define SO_BINDTODEVICE 25

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, 25, 'eth0')

See also:

Community
  • 1
  • 1
JimB
  • 104,193
  • 13
  • 262
  • 255
  • 1
    Well this is exactly what I did not want to hear (about the routing). The good news is that the target system is now more than likely going to be Linux. Thanks for the example and links, both very helpful. – Adam Lewis Dec 09 '11 at 15:35
  • 3
    You can use socket.SO_BINDTODEVICE instead of the raw value of '25' – Gearoid Murphy Feb 14 '19 at 03:56
  • Why curl Windows does not supprt specific "--interface"? – CS QGB Jan 05 '23 at 08:22
  • Not quite right. Need to do something like: `s.setsockopt(socket.SOL_SOCKET, socket.SO_BINDTODEVICE, 'eth0\0'.encode('utf-8'))` – Jim Fell May 02 '23 at 22:41
19

On Windows, if you know the IP address of the interface you want to use, just bind to that before you connect. On Linux,use socket option SO_BINDTODEVICE as suggested by JimB (seems to be a privileged call too).

i.e. on Windows

import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.bind(('192.168.0.1', 0))
s.connect(('...'))

Binding source address under Windows, selects the interface with the same IP address as that device, even if that IP address has a higher routing metric cost. This doesn't work under Linux though, as it always overwrites the source address with the IP address of the selected device. Routing is done based solely on the destination address. The only exception it seems is if you set source address to 127.0.0.1, then Linux prevents these packets from going out of that box.

computermacgyver
  • 802
  • 7
  • 15
Lloyd Macrohon
  • 1,432
  • 9
  • 7
  • 2
    Addresses are system-wide, and binding to a specific address doesn't choose the interface from which the packets leave. That decision is made during routing. – JimB Dec 09 '11 at 13:52
  • Typically, you have a unique ip address per device. SO_BINDTODEVICE is Linux specific, so this was another way around it. – Lloyd Macrohon Dec 09 '11 at 19:09
  • 2
    The question was how to select the network adapter, which `bind` does not do. Bind sets the address/port for your socket, that's all. The interface that receives the packets will most likely be the one you want, but your outgoing packets will leave via the interface determined during routing, usually the one with the default GW. – JimB Dec 09 '11 at 19:35
  • Yes, that bit, I know. I just assumed that if you set the source address, the routing sub-system would pick an entry in the routing table that has at least a route back to it. If it's done solely on destination address. Then this won't work. – Lloyd Macrohon Dec 09 '11 at 20:01
  • I just did a quick python test on Linux. Bind source address to 127.0.0.1 and send to an external address (goes through default route). Connect fails with Invalid argument. Bind source address to IP address on wlan0, then it works. So it looks like it takes into account source address, not just destination address. I will have to try this in C later to see if this is a Python issue or a system issue, but I have to run for now. – Lloyd Macrohon Dec 09 '11 at 20:18
  • I too am looking into this (I am gathering a few switches and laptops). When you are testing this, try to use something other than local host as well for another data point. – Adam Lewis Dec 09 '11 at 23:10
  • I've done my experiment on my laptop (Linux: eth0 and wlan0), and on my desktop (Windows: 2 ethernet cards), i.e. no loopback. Monitored traffic with Wireshark. Linux will use the source address of the device it went through. Windows allows you to bind a source address and will choose the device with that IP address, even if that device has a higher routing metric. I did both tests in C but Python should be the same. So my suggestion is to use SO_BINDTODEVICE on Linux and bind to IP address on Windows. – Lloyd Macrohon Dec 10 '11 at 05:18
  • Great information and thanks for testing your thoughts. I ran a few similar tests on Windows 7 and XP and concur. When I have my Linux boxes up I will repeat the tests. – Adam Lewis Dec 11 '11 at 04:01
  • If you don't mind, can you move your findings up to your answer? I find it very useful and I'm sure others will as well. – Adam Lewis Dec 11 '11 at 16:09
  • 1
    Linux can base its routing decisions also on source address, that's part of what policy routing allows, see `ip rule`. – ninjalj Dec 11 '11 at 19:45
-1

SO_BINDTODEVICE sounds reasonable, but normally you'll indirectly select a device by what IP address you bind to. More often than that, you'll just bind to '', to bind to all address of the machine.

dstromberg
  • 6,954
  • 1
  • 26
  • 27