linux source address selection solution

Chris Caputo ccaputo at alt.net
Wed Apr 29 05:08:00 CEST 2009


Here's a little linux tip.  Hopefully it is of use to others.  Apologies 
if obvious.

Recent linux kernels follow RFC 3484 "Default Address Selection for 
Internet Protocol version 6 (IPv6)".

In the case of a tie (i.e., source address not decided by destination 
subnet or other mechanisms), if you have multiple IPv6 addresses on an 
interface, linux tends to use the last address added.

I prefer to have my source v6 address not be dependent on addition order, 
but rather be more deterministic.

A way to do so is to set "preferred_lft" to zero, while "valid_lft" is 
non-zero or "forever".  Doing so results in the source address being 
marked as deprecated, which means it won't be used if there are 
alternatives on the interface, or a loopback address if not.

Loopback address is great for routers connected to exchange points because 
it means you can deprecate your v6 exchange point address on the physical 
interface and use a loopback as the source for any v6 connections.  (no 
more broken registry queries due to unrouted exchange point address 
space!)

To experiment with this try on addresses you don't want to be selected as 
a source:

  ip addr change <ADDR> dev <DEV> preferred_lft 0

"ip -6 addr" should now show the address as being deprecated and 
non-deprecated address(es) will be favored.  To revert do "preferred_lft 
forever" instead.

On Gentoo I found that the network startup scripts did not like the "_lft" 
in "preferred_lft".  Fortunately "ip addr add" allows you to drop that and 
just use "preferred 0", à la:

  config_eth0=(
        "10.1.1.1/24" "2001:0db8::1/64"
        "10.1.1.2/24" "2001:0db8::2/64 preferred 0"
  )

Cheers,
Chris
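
A check for the setup described in the message above, added here as an example and not part of the original post: it reads "ip -6 addr show" output and reports whether more than one non-deprecated global address is left to tie on an interface. The function names, the eth0 interface and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Constructed sample of `ip -6 addr show dev eth0` output
# (documentation prefix 2001:db8::/32; interface and addresses are made up).
sample_ip_output() {
cat <<'EOF'
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8::2/64 scope global deprecated
       valid_lft forever preferred_lft 0sec
    inet6 2001:db8::1/64 scope global
       valid_lft forever preferred_lft forever
    inet6 fe80::211:22ff:fe33:4455/64 scope link
       valid_lft forever preferred_lft forever
EOF
}

# list_global eligible|deprecated : read ip output on stdin and print the
# matching global-scope addresses, one per line.
list_global() {
    awk -v want="$1" '$1 == "inet6" {
        scope = ""; state = "eligible"
        for (i = 3; i <= NF; i++) {
            if ($i == "scope") scope = $(i + 1)
            if ($i == "deprecated") state = "deprecated"
        }
        if (scope == "global" && state == want) print $2
    }'
}

# Exit 0 when at most one global address can win source selection on the
# interface, 1 when several are tied (the addition-order case from the post).
audit_source_selection() {
    out=$(cat)
    eligible=$(printf '%s\n' "$out" | list_global eligible)
    count=$(printf '%s' "$eligible" | awk 'NF { n++ } END { print n + 0 }')
    case "$count" in
        0) echo "no non-deprecated global address on this interface" ;;
        1) echo "deterministic: $eligible" ;;
        *) echo "tie between:" $eligible; return 1 ;;
    esac
}

# On a live host: ip -6 addr show dev eth0 | audit_source_selection
sample_ip_output | audit_source_selection
```
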


More information about the ipv6-ops mailing list