[ipv6hackers] IPv6 source address selection on Linux

Romain Boissat rboissat at lv0.in
Thu Jul 19 16:52:10 CEST 2012


On Thu, Jul 19, 2012 at 4:41 PM, Sander Smeenk <ssmeenk at freshdot.net> wrote:

> Quoting Romain Boissat (rboissat at lv0.in):
>
> > > Could someone provide me with clue on how i can force traffic on my
> > > server going to 2001:db8::1 to *always* source from the configured ULA
> > > address fded:e128:5900::1 ?
> >
> > You can this little hack to all other IPv6 addresses:
> > ip addr change $IP6_ADDR/$NETMASK dev $NIC preferred_lft 0
>
> No i can't. As i stated in my original email.
> Although i might have been more clear on that subject:
>
> | Now there's really a lot of references TO that RFC but i was unable to
> | find any workable examples on how to set this up. FIDDLING WITH
> | PREFERED_LFT ON THE V6 ADDRESS WON'T WORK EITHER IN THIS SITUATION.
>
> ... because if i set the preferred_lft for the public routable
> 2001:db8:: ip to 0, it also sources fded:e128:5900::1 for every other
> address on the public internet. I want it to only source from
> fded:e128:5900::1 when connecting to 2001:db8::1 (which is on the same
> L2 network, and is why i need this so bad). It should use its public
> routable IPv6 address on all other occasions.
>

Well in that case, I can only think of iproute2 policy routing on the
server with
two routing tables and several rules to select the right routing table
depending
on source and destination prefixes. You should check that your current
kernel
supports multiple IPv6 routing tables, though.

-- 
Romain Boissat
chroot-me.in



More information about the Ipv6hackers mailing list