Hi Lee, > How do applications choose the correct outbound address in that > scenario? That has always been a problem when using multiple ipv4 > addresses on the same interface in combination with firewalling, etc. > where the source address matters.
that problem hasn't changed too much from IPv4 to IPv6. Basically, it's up to the application which IP address it binds to, while the OS should provide sensible defaults. In most cases with Privacy Extension enabled (mostly on client systems), the system should use a PE address, ideally a different one for each connection. Outgoing addresses for servers must be configured, e.g. in Postfix it's in the 'smtp_bind_address6' configuration variable, in BIND 'query-source-v6'. The functionality is there (as it was with v4), applications just have to use it. It is, however, a more pressing issue as with v6 any interface is likely to have several addresses. The generic case for an interface's addresses is: - link-local address, starting with 'fe80::' and ending with a node part that has been derived from the MAC of the interface for communication with the local network - autoconfigured address, starting with your prefix and ending with the same node part as the link-local address (i.e., derived from the MAC) - Privacy Extension address, starting with your prefix and ending with a random node part (it's likely that there are several of them, as a rollover mechanism exists for address rotation) - Static addresses, starting with your prefix and ending with a user-chosen node part for specific services (there might me several of them as well) All of them may co-exist. The normal logic for outgoing address selection is to use a PE address if there is one and the autoconfigured address (if present) otherwise (OK, that's as is *should* be, and most of the time it is). Everything else is up to you and how the software you use binds to outgoing addresses and lets you specify it. Best regards, Peter. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
