Interface name works, address doesn't

Question

If I pass the interface name to curl, everything works as expected:

$ curl --interface eth1 http://example.com
<!doctype html>
<html>
<head>
    <title>Example Domain</title>
...

If I instead pass the interface address, it times out:

$ curl --interface 192.168.26.100 http://example.com
curl: (28) Failed to connect to example.com port 80 after 130248 ms: Couldn't connect to server

I'm trying to figure out why I can't bind using the interface address, since a software I'm using only supports binding to addresses, not interface names.

What could be going on? Here are the outputs of ip addr and ip route show:

$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether d8:3a:dd:5c:9d:77 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.100/24 brd 192.168.1.255 scope global dynamic noprefixroute eth0
       valid_lft 81459sec preferred_lft 81459sec
    inet6 fe80::a62e:3721:980e:beeb/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 1000
    link/ether ac:49:43:f8:eb:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.26.100/24 brd 192.168.26.255 scope global dynamic noprefixroute eth1
       valid_lft 81456sec preferred_lft 81456sec
    inet6 2001:14bb:ae:e82:f00e:38ba:2b2e:6f7c/64 scope global dynamic noprefixroute
       valid_lft 7192sec preferred_lft 3592sec
    inet6 fe80::2b6f:a6fc:d642:10e3/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

$ ip route show
default via 192.168.1.1 dev eth0 proto dhcp src 192.168.1.100
default via 192.168.26.1 dev eth1 proto dhcp src 192.168.26.100 metric 100
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.100
192.168.26.0/24 dev eth1 proto kernel scope link src 192.168.26.100 metric 100

Edit: After looking at related questions, it seems ip route get 192.168.26.100 is returning the wrong interface (eth0, rather than eth1) when I use the IP address:

$ ip route get oif eth1 to 8.8.8.8
8.8.8.8 via 192.168.26.1 dev eth1 src 192.168.26.100 uid 1000
    cache

$ ip route get 192.168.26.100 to 8.8.8.8
8.8.8.8 via 192.168.1.1 dev eth0 src 192.168.1.100 uid 1000
    cache

How can I fix this?

Answer 1

When you have two or more interfaces, the default behavior is technically known as the weak host model: the source IP address of outgoing packets has no impact on the choice of outgoing interface. That would lead to asymmetric routing, and modern routers tend to frown on that.

To make the system conform to your expectations, you would need to configure the system for the strong host model: that requires the configuration of stricter ARP filtering and advanced routing, to give each network interface its own routing table and thus its own default gateway. The linked question has a more detailed discussion on the required configuration.

The weak host model and the strong host model are two alternative IP protocol stack design principles: Linux uses the weak host model by default, mostly because it requires fewer operations on each packet, and thus can perform better in common use cases.