Tags: linux, network-programming, linux-kernel, ip, sysctl

How can ip_nonlocal_bind=1 break applications?


I have two Linux VMs. They both start the sshd service on the same IP. When one machine is down, you can log in on the other VM with the same IP. However, the other VM will not be listening on that IP because it does not already exist.

I must restart the sshd service manually. However, I cannot log in to the VM if sshd is not started. I found a solution by setting ip_nonlocal_bind to 1.

I googled the description of ip_nonlocal_bind on kernel.org:

  ip_nonlocal_bind - BOOLEAN
  If set, allows processes to bind() to non-local IPv6 addresses, 
  which can be quite useful - but may break some applications.
  Default: 0

The last line says "but may break some applications", and I worry this could break the application I'm running on my VM.

My VM mainly acts as a router.

Finally, I want to know: how can ip_nonlocal_bind break applications?


Solution

  • The kernel documentation says that ip_nonlocal_bind may break some applications because, as the name implies, it allows processes to bind() to addresses that are not local to the machine. If this setting is enabled, and an application makes the (wrong) assumption that the inbound address is local to the machine, this could cause it to crash or in any case handle the connection wrongly.

    The documentation says that this could break some applications because prior to the setting being introduced (in kernel v4.3 if I am not mistaken) applications could safely assume that bound addresses were local.

    I wouldn't worry about it in your case since, as you say, your machine merely acts as a router, so basically the whole routing job is done by the kernel itself.
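The following probe is an added example and is not part of the question or the answer above. It shows concretely what the sysctl changes: with `net.ipv4.ip_nonlocal_bind=0`, a `bind()` to an address the host does not own is refused with `EADDRNOTAVAIL`, which is exactly why sshd cannot start on the not-yet-present floating IP; with the sysctl set to 1 the same `bind()` succeeds, and `getsockname()` then reports an address that is not local, which is the "assumption" the answer warns about. It also tries the per-socket `IP_FREEBIND` option, which relaxes the check for one listener only instead of host-wide (a narrower change for software you control; daemons that do not set it themselves still need the sysctl). The address 192.0.2.1 is a constructed TEST-NET-1 value standing in for the shared sshd IP, and the fallback value 15 for `IP_FREEBIND` is the Linux constant, used in case the running Python does not export it.

```python
"""Probe what ip_nonlocal_bind actually changes for a listener.
Added example; not code from the original post."""
import errno
import socket
import sys

# Constructed: 192.0.2.1 is TEST-NET-1 (RFC 5737), so it is never assigned
# to a real interface here and stands in for the floating sshd address.
NONLOCAL_ADDR = "192.0.2.1"
SYSCTL_PATH = "/proc/sys/net/ipv4/ip_nonlocal_bind"
# Assumption: IP_FREEBIND is 15 on Linux; older Pythons lack the constant.
IP_FREEBIND = getattr(socket, "IP_FREEBIND", 15)


def read_nonlocal_bind():
    """Return the current sysctl value (0 or 1), or None if unreadable."""
    try:
        with open(SYSCTL_PATH) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return None


def probe_bind(addr, port=0, freebind=False):
    """Bind a TCP socket to addr the way an sshd ListenAddress would.

    Returns a dict: bound (bool), errno (int or None), sysctl (0/1/None)
    and sockname (the address bind() reported back, if it succeeded).
    """
    result = {"bound": False, "errno": None,
              "sysctl": read_nonlocal_bind(), "sockname": None}
    try:
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            if freebind:
                # Per-socket opt-in: only this listener may bind an address
                # the host does not (yet) own; the host-wide check stays on.
                s.setsockopt(socket.IPPROTO_IP, IP_FREEBIND, 1)
            s.bind((addr, port))
            result["bound"] = True
            # A naive application would treat this as "my local address",
            # although with a non-local bind no interface carries it.
            result["sockname"] = s.getsockname()[0]
    except OSError as e:
        result["errno"] = e.errno
    return result


def consistent_with_sysctl(result, freebind=False):
    """True when the outcome matches the documented rule on Linux:
    sysctl 0 and no IP_FREEBIND means the non-local bind is refused."""
    if not sys.platform.startswith("linux") or result["sysctl"] is None:
        return True  # nothing to compare against on this host
    if result["sysctl"] == 0 and not freebind:
        return not result["bound"]
    return True


if __name__ == "__main__":
    print("net.ipv4.ip_nonlocal_bind =", read_nonlocal_bind())
    plain = probe_bind(NONLOCAL_ADDR)
    print("plain bind:", plain,
          "" if plain["bound"] else errno.errorcode.get(plain["errno"], "?"))
    print("IP_FREEBIND bind:", probe_bind(NONLOCAL_ADDR, freebind=True))
```

Run it once with the sysctl at 0 and once at 1 and compare the two `plain bind` lines: the first refuses with `EADDRNOTAVAIL`, the second accepts and hands back 192.0.2.1 as the socket's own name, which is the state an application written before the setting existed never had to handle.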