IPv6 Source Address Selection on Mac OS X Lion

Christoph Stahl cstahl at netcologne.de
Wed Dec 14 15:00:38 CET 2011 

Hi there,

I like to share with you an interesting problem. Maybe someone on this
mailinglist has already found a solution to this. I googled for hours
but did not find anything helpfull.

The setup is a Macbook Pro running Lion with native IPv4 and IPv6
connectivity at our office connected by Gigabitethernet.

The goal is to use a stateless autoconfigured IPv6 Adress to "surf the
the internet" and a statically configured IPv6 Adress to reach the IPv6
(or dual stacked) hosts that use IPs belonging to our assigned
IPv6-prefix. So that we can configure the static "admin" IPv6 address in
firewalls or host.allows, but surf the web with all the benefits of the
automatic privacy extension.

I figured out how to get a static AND a dynamic IPv6 on my Mac:
In the system preferences I duplicated the ethernet Interface and gave
the duplicates speaking names. One instance gets a fixed IPv4 and a
fixed IPv6 address. The other instance gets no IPv4 address, but an
"automatic" IPv6 address.

Using "ifconfig en0" I can verify that two IPv6 Adresses have been
assigned to the interface, as planned.
But no matter what, when coonecting to an IPv6 host, the dynamic IPv6 is
used.

On Windows XP on a different hardware I can select which address to use
for reaching our prefix by

netsh interface ipv6 reset
netsh interface ipv6 add address "LAN-Verbindung" 2001:db8:0:<staticIPs>:111:: store=persistent
netsh interface ipv6 add prefixpolicy 2001:db8:0:<staticIPs>:111::/128 69 666
netsh interface ipv6 add prefixpolicy 2001:db8::/32 70 666
netsh interface ipv6 add prefixpolicy 2001:db8:0:<dynamicIPs>::/64 71 777
netsh interface ipv6 add prefixpolicy 2000::/3 72 777
netsh interface ipv6 add prefixpolicy ::/0 50 777


On Debian Linux, one can achieve this with

iface eth0 inet6 static
   address 2001:db8:0:<staticIPs>:111::
   netmask 64
   gateway fe80::1
 
   pre-up sysctl net.ipv6.conf.eth0.autoconf=1
   pre-up sysctl net.ipv6.conf.eth0.use_tempaddr=2
   pre-up sysctl net.ipv6.conf.eth0.accept_ra=1
   # Label 1 ist vordefiniert als ::/0
   post-up ip addrlabel add prefix 2001:db8:0:<dynamicIPs>::/64 label 1         || true
   post-up ip addrlabel add prefix 2001:db8::/32 label 666              || true




Sadly, there is no netsh on mac os x (Ok, that is a good thing!). And
there is no "ip"-command.

Does anybody know how to achieve this goal on Mac?

I really hope there is a solution. Any hints and help will be greatly
appreciated!

Have a nice day,

Regards,
Christoph

More information about the ipv6-ops mailing list