The following should fail, regardless of /proc/sys/net/ipv4/ip_nonlocal_bind: ----- > strace -e socket,setsockopt,bind perl -MSocket -Mautodie -e'socket my $s, > PF_INET, SOCK_STREAM, 0; setsockopt( $s, IPPROTO_IP, 15, 0 ); bind( $s, > pack_sockaddr_in( 0, inet_aton("1.2.3.4") ) );' socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3 setsockopt(3, SOL_IP, IP_FREEBIND, [0], 4) = 0 bind(3, {sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("1.2.3.4")}, 16) = 0 +++ exited with 0 +++ ----- … however, it appears that setsockopt() doesn’t disable IP_FREEBIND if ip_nonlocal_bind is set via /proc.