IPv6 Source Address Selection on Mac OS X Lion
Mohacsi Janos
mohacsi at niif.hu
Thu Dec 15 11:19:44 CET 2011
Dear Chirstoph,
You achieved the prefer source address selection with tweaking the
RFC 3484 (http://tools.ietf.org/html/rfc3484) policy table on Linux and
Windows. According to some tests RFC3484 was implemented in some extent on
Mac OS X Lion, but maybe more the Happy-Eye-Ball
(http://tools.ietf.org/html/draft-ietf-v6ops-happy-eyeballs) . But seems
to me that RFC3484 policy table setting utility (ip6addrctl) is missing
from Lion. It seems that Lion is using non-temporary autoconfigured
addresses as a source for some destination prefixes, and temporary
autoconfigured addresses as source for some other destination prefixes.
Maybe Lion kernel is deciding on /48 boundary if use or not to use
temporary address - according to some tests done by me - but it is not
documented. Some guess work already done:
http://lists.apple.com/archives/Ipv6-dev/2011/Jul/msg00009.html
Janos Mohacsi
Head of HBONE+ project
Network Engineer, Deputy Director of Network Planning and Projects
NIIF/HUNGARNET, HUNGARY
Key 70EF9882: DEC2 C685 1ED4 C95A 145F 4300 6F64 7B00 70EF 9882
On Wed, 14 Dec 2011, Christoph Stahl wrote:
> Hi there,
>
> I like to share with you an interesting problem. Maybe someone on this
> mailinglist has already found a solution to this. I googled for hours
> but did not find anything helpfull.
>
> The setup is a Macbook Pro running Lion with native IPv4 and IPv6
> connectivity at our office connected by Gigabitethernet.
>
> The goal is to use a stateless autoconfigured IPv6 Adress to "surf the
> the internet" and a statically configured IPv6 Adress to reach the IPv6
> (or dual stacked) hosts that use IPs belonging to our assigned
> IPv6-prefix. So that we can configure the static "admin" IPv6 address in
> firewalls or host.allows, but surf the web with all the benefits of the
> automatic privacy extension.
>
> I figured out how to get a static AND a dynamic IPv6 on my Mac:
> In the system preferences I duplicated the ethernet Interface and gave
> the duplicates speaking names. One instance gets a fixed IPv4 and a
> fixed IPv6 address. The other instance gets no IPv4 address, but an
> "automatic" IPv6 address.
>
> Using "ifconfig en0" I can verify that two IPv6 Adresses have been
> assigned to the interface, as planned.
> But no matter what, when coonecting to an IPv6 host, the dynamic IPv6 is
> used.
>
> On Windows XP on a different hardware I can select which address to use
> for reaching our prefix by
>
> netsh interface ipv6 reset
> netsh interface ipv6 add address "LAN-Verbindung" 2001:db8:0:<staticIPs>:111:: store=persistent
> netsh interface ipv6 add prefixpolicy 2001:db8:0:<staticIPs>:111::/128 69 666
> netsh interface ipv6 add prefixpolicy 2001:db8::/32 70 666
> netsh interface ipv6 add prefixpolicy 2001:db8:0:<dynamicIPs>::/64 71 777
> netsh interface ipv6 add prefixpolicy 2000::/3 72 777
> netsh interface ipv6 add prefixpolicy ::/0 50 777
>
>
> On Debian Linux, one can achieve this with
>
> iface eth0 inet6 static
> address 2001:db8:0:<staticIPs>:111::
> netmask 64
> gateway fe80::1
>
> pre-up sysctl net.ipv6.conf.eth0.autoconf=1
> pre-up sysctl net.ipv6.conf.eth0.use_tempaddr=2
> pre-up sysctl net.ipv6.conf.eth0.accept_ra=1
> # Label 1 ist vordefiniert als ::/0
> post-up ip addrlabel add prefix 2001:db8:0:<dynamicIPs>::/64 label 1 || true
> post-up ip addrlabel add prefix 2001:db8::/32 label 666 || true
>
>
>
>
> Sadly, there is no netsh on mac os x (Ok, that is a good thing!). And
> there is no "ip"-command.
>
> Does anybody know how to achieve this goal on Mac?
>
> I really hope there is a solution. Any hints and help will be greatly
> appreciated!
>
> Have a nice day,
>
> Regards,
> Christoph
>
More information about the ipv6-ops
mailing list