Re: ipv6 source address selection
On Sun, 20 Oct 2013, Ole Troan wrote: wouldn't this be RFC6724: Rule 8: Use longest matching prefix. If CommonPrefixLen(SA, D) CommonPrefixLen(SB, D), then prefer SA. Similarly, if CommonPrefixLen(SB, D) CommonPrefixLen(SA, D), then prefer SB. The host has a bunch of /64s. I am pinging stuff outside of these /64:s. I am however pinging stuff in adjacent /64:s within the same /56 (or /48), but the host tables I can find has no information about /56 or /48s. $ ip addrlabel list prefix ::1/128 label 0 prefix ::/96 label 3 prefix :::0.0.0.0/96 label 4 prefix 2001::/32 label 6 prefix 2001:10::/28 label 7 prefix 2002::/16 label 2 prefix fc00::/7 label 5 prefix ::/0 label 1 I don't understand why the host would choose source address in 2001:db8:1:1000:/64 when pinging 2001:db8:1:1001:1/128 because of this, but use 2001:db8:1:8000::/64 when pinging the rest of the Internet (well, actually my hosts are in 2a00::/16 really, but never mind, should be the same). What am I missing? -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: ipv6 source address selection
Hi Mikael, I don't understand why the host would choose source address in 2001:db8:1:1000:/64 when pinging 2001:db8:1:1001:1/128 because of this, but use 2001:db8:1:8000::/64 when pinging the rest of the Internet Still Longest prefix matching :-) Don't think of prefixes as prefixes-in-your-routing-table but longest-matching-string-of-bits-from-the-beginning-the-addresses. When pinging 2001:db8:1:1001::1/128 then: - A source in 2001:db8:1:1000::/64 will have 63 bits the same as the destination - A source in 2001:db8:1:8000::/64 will have 48 bits the same as the destination So the address in 2001:db8:1:1000::/64 will have the longest matching prefix and will be used. When pinging 2001:4860:4860::/128 then: - A source in 2001:db8:1:1000::/64 will have 17 bits the same as the destination - A source in 2001:db8:1:8000::/64 will have 17 bits the same as the destination So for longest prefix matching they are equal. As this is the last source address selection rule in the RFC the OS will just decide which address to use, which commonly is the most recently configured address. Cheers, Sander
ipv6 source address selection
I'm trying to influence my source address selection. First I thought I'd figure out how it works by default. I have a /48. Let's call it 2001:db8:1::/48 I created three /64s on the same LAN with A-bit set so clients would do SLAAC within these: 2001:db8:1::/64 2001:db8:1:1000:/64 2001:db8:1:2000:/64 Then I set up loopback addresses on my router: 2001:db8:1:0001:1/128 2001:db8:1:1001:1/128 2001:db8:1:2001:1/128 Then I tried pinging each loopback address from a host which has 2 addresses out of each /64. It now picked a source address within the same /56. I consistently both on a Ubuntu 13.04 and OSX 10.8.5 machine get the same behaviour. So above means that pinging 2001:db8:1:1fff::1 it would use the :1000: address, and pinging :2fff::1 would use the :2000::/64 address. If I ping outside my /48 it will consistently use the last created address (I tried adding a 4th lan, 8000, and it then uses that one), which I perfectly understand. When I ping :5000: and so on, it will sometimes use the :: address and not the :8000: that is used for the rest of global traffic. I have nothing /56 or /48 magic in routing table or ip addrlabel list, but it still seems to be something special when it comes to the same /48 as the machine has addresses in. Any help understanding what is going on is appreciated. -- Mikael Abrahamssonemail: swm...@swm.pp.se
Re: ipv6 source address selection
Hi, I agree with Ole. The longest matching rule was already there in RFC 3484. 2013/10/20 Ole Troan otr...@employees.org: Mikael, I'm trying to influence my source address selection. First I thought I'd figure out how it works by default. I have a /48. Let's call it 2001:db8:1::/48 I created three /64s on the same LAN with A-bit set so clients would do SLAAC within these: 2001:db8:1::/64 2001:db8:1:1000:/64 2001:db8:1:2000:/64 Then I set up loopback addresses on my router: 2001:db8:1:0001:1/128 2001:db8:1:1001:1/128 2001:db8:1:2001:1/128 Then I tried pinging each loopback address from a host which has 2 addresses out of each /64. It now picked a source address within the same /56. I consistently both on a Ubuntu 13.04 and OSX 10.8.5 machine get the same behaviour. So above means that pinging 2001:db8:1:1fff::1 it would use the :1000: address, and pinging :2fff::1 would use the :2000::/64 address. If I ping outside my /48 it will consistently use the last created address (I tried adding a 4th lan, 8000, and it then uses that one), which I perfectly understand. When I ping :5000: and so on, it will sometimes use the :: address and not the :8000: that is used for the rest of global traffic. I have nothing /56 or /48 magic in routing table or ip addrlabel list, but it still seems to be something special when it comes to the same /48 as the machine has addresses in. Any help understanding what is going on is appreciated. wouldn't this be RFC6724: Rule 8: Use longest matching prefix. If CommonPrefixLen(SA, D) CommonPrefixLen(SB, D), then prefer SA. Similarly, if CommonPrefixLen(SB, D) CommonPrefixLen(SA, D), then prefer SB. cheers, Ole