linux source address selection solution

Chris Caputo ccaputo at alt.net
Wed Apr 29 05:21:58 CEST 2009 

One last thing - addresses marked as deprecated are still perfectly usable 
for receiving packets or for manually being specified as a source.  (ie. 
ping6 -I <addr>)

They just aren't included in the source address selection algorithm.

Chris

On Wed, 29 Apr 2009, Chris Caputo wrote:
> Here's a little linux tip.  Hopefully it is of use to others.  Apologies 
> if obvious.
> 
> Recent linux kernels follow RFC 3484 "Default Address Selection for 
> Internet Protocol version 6 (IPv6)".
> 
> In the case of a tie (ie., source address not decided by destination 
> subnet or other mechanisms), if you have multiple IPv6 addresses on an 
> interface, linux tends to use the last address added.
> 
> I prefer to have my source v6 address not be dependent on addition order, 
> but rather be more deterministic.
> 
> A way to do so is to set "preferred_lft" to zero, while "valid_lft" is 
> non-zero or "forever".  Doing so results in the source address being 
> marked as deprecated, which means it won't be used if there are 
> alternatives on the interface, or a loopback address if not.
> 
> Loopback address is great for routers connected to exchange points because 
> it means you can deprecate your v6 exchange point address on the physical 
> interface and use a loopback as the source for any v6 connections.  (no 
> more broken registry queries due to unrouted exchange point address 
> space!)
> 
> To experiment with this try on addresses you don't want to be selected as 
> a source:
> 
>   ip addr change <ADDR> dev <DEV> preferred_lft 0
> 
> "ip -6 addr" should now show the address as being deprecated and 
> non-deprecated address(es) will be favored.  To revert do "preferred_lft 
> forever" instead.
> 
> On Gentoo I found that the network startup scripts did not like the "_lft" 
> in "preferred_lft".  Fortunately "ip addr add" allows you to drop that and 
> just use "preferred 0", ala:
> 
>   config_eth0=(
>         "10.1.1.1/24" "2001:0db8::1/64"
>         "10.1.1.2/24" "2001:0db8::2/64 preferred 0"
>   )
> 
> Cheers,
> Chris

More information about the ipv6-ops mailing list