Quoting Maximilian Eschenbacher (2021-06-02 21:21:52) > Hey, > > this topic is indeed interesting. > > I've read up on the bugreport: The patch does not seem to include the > preference flags to getaddinfo(3) as discussed here > https://bugzilla.redhat.com/show_bug.cgi?id=512032#c8. Is this > intentional? Sort of. As far as I can tell, AI_EXTFLAGS is not actually implemented on Linux (or any other commonly used OS). > > https://biplane.com.au/blog/?p=30 lists the first three options to > globally control the ipv6 source address preference on linux. Technique > four and five can be used per socket (and by extension per process): > > - Technique One: Deprecate the addresses you don't want selected > via ip addr change $ip dev $dev preferred_lft 0 > - Technique Two: Modify the label table > via ip addrlabel > - Technique Three: Prefer privacy addresses > via sysctl /proc/sys/net/ipv6/conf/$dev/use_tempaddr > - Technique Four: setsockopt(2) (may be set per socket) > - Technique Five: bind(2) (may be set per socket) > > Is this assessment correct or did I miss some options? I don't know of any others. bind()ing to a specific address is of course already implemented in openssh, but that requires me to hardcode the public address in ssh config on every machine I ssh from, which I would really like to avoid. -- Anton Khirnov _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
