I'm curious if anyone knows how to force or influence the default source address selection algorithm for IPv6 in Linux. For manually assigned addresses I'm aware of the trick of setting "preferred_lft 0" on all the other addresses so that it avoids deprecated addresses. I've read a little bit about the addrlabel infrastructure but can't seem to get it to do what I want. Perhaps I'm missing something there.

In brief my testing situation is this:

- radvd sends 6to4 prefix router adverts.
- The IPv4 address backing that is dynamic so the 6to4 prefix changes, so I can't use it for static addresses, only for external connectivity (ignoring DHCPv6).
- So, I have a unique local address range (fded::/32) used for internal IPv6 connectivity where I can manually assign addresses to servers.
- I want to use that same range for dynamic clients so I leave router adverts on.
- I can't shut off the sysctl autoconf on the interface else I'd lose the global connectivity.
- The trouble is that for routing within the local address range the dynamically chosen address (eg: fded:2::5054:ff:fe10:eca8/64) is chosen over the statically assigned one (fded:2::2:1/64).

This is a little convoluted I know, but more generally I'd like to know if/how to be able to force or at least strongly suggest a particular outgoing source address over another (subject to other routing rules). Basically I think this is given in the "implementation specific rules" note in rule 8 of RFC 3484.

The current situation is problematic for programs that key some authentication features off of the source address (eg: cfengine). It's also preferable to have a known address with PTR records for some connections for logging purposes and the like. It's not always possible to force the application to bind to a particular address and I'd like to know if it's possible to do it in a system-wide way.

I ran across this post [1] that claims that at least for OpenSolaris they might provide some way to prefer DHCP or manually assigned addresses over autoconfigured ones.

Another question that just occurred to me is: can the stateless configuration algorithm be adjusted to do something like the following?

- try the user's configured first choice host addr (subject to duplicate address detection)
- fall back to eui64, tempaddr, or whatever else

Obviously I'm still working through some of the IPv6 implementation details. Let me know if you have any questions.

Thanks for your thoughts/ideas,
Brian

[1] http://mail.opensolaris.org/pipermail/opensolaris-arc/2006-October/000728.html
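An added illustration, not part of the original post and not the Linux kernel's implementation: a simplified model of only RFC 3484 rule 3 (avoid deprecated addresses) and rule 8 (longest matching prefix), applied to the two addresses from the post. The destination addresses and the `Candidate`, `select_source` and `demo` names are constructed for the example; it shows why the "preferred_lft 0" trick decides the outcome before rule 8 is consulted, and that rule 8 alone makes the result depend on the destination.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Candidate:
    addr: str
    deprecated: bool = False  # True once preferred_lft has been set to 0


def common_prefix_len(a: str, b: str) -> int:
    """Leading bits shared by two IPv6 addresses (RFC 3484 CommonPrefixLen)."""
    diff = int(ipaddress.IPv6Address(a)) ^ int(ipaddress.IPv6Address(b))
    return 128 - diff.bit_length()


def select_source(candidates, dest: str) -> str:
    """Rule 3 (avoid deprecated) first, then rule 8 (longest matching prefix).
    All other rules are omitted. A full tie keeps list order, standing in for
    the implementation-specific choice the RFC allows."""
    best = min(candidates,
               key=lambda c: (c.deprecated, -common_prefix_len(c.addr, dest)))
    return best.addr


# The two source addresses quoted in the post.
SLAAC = "fded:2::5054:ff:fe10:eca8"
STATIC = "fded:2::2:1"
# Constructed destinations (assumptions, not from the post): another manually
# numbered server and another autoconfigured client on the same /64.
DEST_SERVER = "fded:2::2:7"
DEST_CLIENT = "fded:2::5054:ff:fe00:1"


def demo() -> dict:
    both_preferred = [Candidate(SLAAC), Candidate(STATIC)]
    slaac_deprecated = [Candidate(SLAAC, deprecated=True), Candidate(STATIC)]
    return {
        "rule8_to_server": select_source(both_preferred, DEST_SERVER),
        "rule8_to_client": select_source(both_preferred, DEST_CLIENT),
        "trick_to_server": select_source(slaac_deprecated, DEST_SERVER),
        "trick_to_client": select_source(slaac_deprecated, DEST_CLIENT),
    }


if __name__ == "__main__":
    for case, chosen in demo().items():
        print(f"{case}: {chosen}")
```

For services that authorize by source address, the rule 8 rows are the ones to watch: with both addresses preferred, the same host can present different sources to different peers.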