The selection of the correct source address is key to correct communication between hosts with multiple IP addresses. If a host chooses an address from a private network to communicate with a public Internet host, it is likely that the return half of the communication will never arrive.
The initial source address for an outbound packet is chosen in according
to the following series of rules. The application can request a
particular IP
[20],
the kernel will use the src hint from the chosen
route path
[21],
or, lacking this hint, the kernel will choose the first address
configured on the interface which falls in the same network as the
destination address or the nexthop router.
The following list recapitulates the manner by which the kernel determines what the source address of an outbound packet.
The application is already using the socket, in which case, the
source address has been chosen. Also, the application can
specifically request a particular address (not necessarily a
locally hosted IP; see
Section 9.7, “Binding to Non-local Addresses”) using the
bind call.
The kernel performs a
route lookup and finds an
outbound route for the destination. If the route contains the
src parameter, the kernel selects this IP
address for the outbound packet.
Also refer to this excerpt from the iproute2 command reference.
[20]
Many networking applications accept a command line option to prefer
a particular source address. The call to select a particular
IP is known as bind(), so the command
line option frequently
contains the word bind, e.g.,
--bind-address.
Examples of command line tools allowing specification of the source
address are nc -s $BINDADDR $DEST $PORT or
socat -
TCP4:$REMOTEHOST:$REMOTEPORT,bind=$BINDADDR.
[21]
In this case, the route has already been selected (see
Section 4.5, “Route Selection”) and the chosen route entry
includes a hint for preferred source address on outbound packets
specifically for this purpose. For examples on configuring the
routing tables to include this parameter, see
Example D.19, “Using src in a routing command with
route add”.