Linux: Bind UDP listening socket to specific interface (or find out the interface a datagram came in from)?

I have a daemon I'm working on that listens for UDP broadcast packets and responds also by UDP. When a packet comes in, I'd like to know which IP address (or NIC) the packet came TO so that I can respond with that IP address as the source. (For reasons involving a lot of pain, some users of our system want to connect two NICs on the same machine to the same subnet. We tell them not to, but they insist. I don't need to be reminded how ugly that is.)

There seems to be no way to examine a datagram and find out directly either its destination address or the interface it came in on. Based on a lot of googling, I find that the only way to find out the target of a datagram is to have one listening socket per interface and bind the sockets to their respective interfaces.

First of all, my listening socket is created this way:

s=socket(AF_INET, SOCK_DGRAM, IPPROTO_UDP)

To bind the socket, the first thing I tried was this, where nic is a char* to the name of an interface:

// Bind to a single interface
rc=setsockopt(s, SOL_SOCKET, SO_BINDTODEVICE, nic, strlen(nic));
if (rc != 0) { ... }

This has no effect at all and fails silently. Is the ASCII name (e.g. eth0) the correct type of name to pass to this call? Why would it fail silently? According to man 7 socket, "Note that this only works for some socket types, particularly AF_INET sockets. It is not supported for packet sockets (use normal bind(8) there)." I'm not sure what it means by 'packet sockets', but this is an AF_INET socket.

So the next thing I tried was this (based on bind vs SO_BINDTODEVICE socket):

struct sockaddr_ll sock_address;
memset(&sock_address, 0, sizeof(sock_address));
sock_address.sll_family = PF_PACKET;
sock_address.sll_protocol = htons(ETH_P_ALL);
sock_address.sll_ifindex = if_nametoindex(nic);
rc=bind(s, (struct sockaddr*) &sock_address, sizeof(sock_address));
if (rc < 0) { ... }

That fails too, but this time with the error Cannot assign requested address. I also tried changing the family to AF_INET, but it fails with the same error.

One option remains, which is to bind the sockets to specific IP addresses. I can look up interface addresses and bind to those. Unfortunately, is a bad option, because due to DHCP and hot-plugging ethernet cables, the addresses can change on the fly.

This option may also be bad when it comes to broadcasts and multicasts. I'm concerned that binding to a specific address will mean that I cannot receive broadcasts (which are to an address other than what I bound to). I'm actually going to test this later this evening and update this question.

Questions:

• Is it possible to bind a UDP listening socket specifically to an interface?
• Or alternatively, is there a mechanism I can employ that will inform my program that an interface's address has changed, at the moment that change occurs (as opposed to polling)?
• Is there another kind of listening socket I can create (I do have root privileges) that I can bind to a specific interface, which behaves otherwise identically to UDP (i.e other than raw sockets, where I would basically have to implement UDP myself)? For instance, can I use AF_PACKET with SOCK_DGRAM? I don't understand all the options.

Can anyone help me solve this problem? Thanks!

UPDATE:

Binding to specific IP addresses does not work properly. Specifically, I cannot then receive broadcast packets, which is specifically what I am trying to receive.

UPDATE:

I tried using IP_PKTINFO and recvmsg to get more information on packets being received. I can get the receiving interface, the receiving interface address, the target address of the sender, and the address of the sender. Here's an example of a report I get on receipt of one broadcast packet:

Got message from eth0
Peer address 192.168.115.11
Received from interface eth0
Receiving interface address 10.1.2.47
Desination address 10.1.2.47

What's really odd about this is that the address of eth0 is 10.1.2.9, and the address of ech1 is 10.1.2.47. So why in the world is eth0 receiving packets that should be received by eth1? This is definitely a problem.

Note that I enabled net.ipv4.conf.all.arp_filter, although I think that applies only to out-going packets.

dnsmasq has an example of this method, too

It turns out that binding to specific addresses is the wrong answer. When I do that, I cannot receive broadcast packets. While I agree that in general, one interface may have more than one address, that will not be the case here since this is a special-purpose system.

I've tried both strlen+1 and IF_NAMESIZE, and neither one works. I can send specifically to the address of eth1, and the socket I'm attempting to bind to eth0 is the one that receives it. Therefore, either I'm still doing something wrong here, or this approach doesn't work.

I investigated this and found the rp_filter option (net.ipv4.conf.all.rp_filter). Setting it to 1 doesn't do anything I could identify. But I set it to 2, and all of a sudden, I started receiving broadcasts on both eth0 and eth1. That's progress! NEVERTHELESS, packets sent specifically to 10.1.2.47 still arrive through eth0, so I can't make sense of that.

@TimothyMiller: IP_RECVDSTADDR doesn't filter, it just tells you where the packet was received. For filtering you need SO_BINDTODEVICE. It works for dnsmasq, perhaps you should look around the code and find what other socket options are being set.

@EJP: Your comment about the weak end system model was perhaps the most helpful of all. It indirectly lead me to find rp_filter (which I had to set to 2), which caused Linux to mostly associate datagrams with the NIC they came in on. As a result, SO_BINDTODEVICE actually started working (it had no effect before), and IP_PKTINFO started reporting datagrams as coming from eth1 (previously it only reported eth0). Besides upvoting, I wish there were a way to indicate to stackoverflow, "this response was critical in finding the answer" without implying that it is the whole answer.

Most implementations that claim to work only pass a 4 for the length when something like "eth0" is passed in.

I'm just about to cry to see there's another person in this small world, that is cursing kernel for such poor documentation over such a huge gigantic piece of information! This behaviour is just insane! Gonna try and report outcome, but up to now, my symptoms are just about the same as yours.

sysctl can be dynamically changed with /sbin/sysct. sysctl net.ipv4.conf.default.arp_filter to read. sysctl -w net.ipv4.conf.default.arp_filter=x to write