Excerpts from Reinier Haasjes's message of Sat May 29 20:56:50 +0000 2010: > From: Jeroen Massar <jer...@sixxs.net> > > IMHO and according to the IETF afaik, selecting source addresses is the > job of the application which should bind(), if the application cannot > make that decision then the OS should do it, Yes, the OS should be and is the instance choosing the source address in absence of an explicit bind() (which is the case for almost all outgoing connections).
> not software that sets up connectivity. Not directly, sure. But it should be the tunnel software that tells the OS which address to prefer (or not to prefer). This is the setup script (that finally gets executed by aiccu) on my server (subnet configured on eth0): #!/bin/bash ( ip addr add 2001:6f8:120a::fc/128 dev sixxs # prefer subnet address over tunnel address so we can influence reverse DNS ip addr change 2001:6f8:900:16f::2/64 dev sixxs preferred_lft 0 ) 2>&1 | logger -t aiccu-setup And this one on my laptop (configuring the subnet on the tunnel device): #!/bin/bash ( ip addr add 2a01:198:408:1::1/64 dev sixxs # prefer subnet address over tunnel address so we can influence reverse DNS ip addr change 2a01:198:200:504::2/64 dev sixxs preferred_lft 0 ) 2>&1 | logger -t aiccu-setup Not sure if that achieves what the original bug submitter (Simon Richter) wanted, but it does for me. I haven't tried what happens if the non-preferred address is the only global one, but if it works as I expect it to (i.e. it gets used when connecting to non-local hosts) then aiccu should set preferred_lft to 0 on the tunnel address by default (since any other configured global IPv6 address is likely to be preferred by the administrator). Shipping a setup script similar to the above as /etc/aiccu/setup.sh and enabling it by default might be an option. The local tunnel endpoint address should be passed by aiccu instead of harcoded, of course. Sascha -- http://sascha.silbe.org/ http://www.infra-silbe.de/
signature.asc
Description: PGP signature
