[6bone] Network Address translation question
On Fri, Jun 24, 2005 at 09:12:03AM +1200, Perry Lorier wrote:
> > No idea. Don't know if any implementations allow it, and how is
> > implementation dependent. Would be quite interesting to know how
> > much of 3484 is implemented in different systems, and also how
> > to change policy if possible.
> Linux (as of 2.6.11) has a rather dumb source address selection policy
> in the mainline kernel. From my reading of the code it selects the
> first address on an interface that isn't tentative and has identical
> scope. It also prefers non deprecated, non temporary (or temporary
> addresses if configured to do so) addresses where possible.
> This however means it always uses the address that was added last, so if
> you have a slow tunnel to somewhere that takes longer to set up, that
> will be the source address it will prefer over any other one, much to my
> The Linux community seem to have indicated that they want preferences
> handled by having a preferred source address used per route. I was
> looking at the source to Linux and the code appears to be there to use a
> source address if one is specified in the routing table, however the
> code to insert one somewhere seems broken (either in user space or
> kernel space, I didn't figure it out). If there is no source address
> specified in the routing table it falls back to the algorithm used above.
> The code is in net/ipv6/addrconf.c in the function ipv6.*_get_saddr.*
Note it's not just source address selection; RFC3484 is address selection
for source and destination. So really it's more a case of a preferred
source address per destination address, then per route. I guess at present
very few systems are multiaddressed for IPv6, so it's really 'just' a
matter of picking the right source to use for a destination, but Iljitsch's
example and Mark's survey show the implementations are lacking.
Whether there are improvements to make on 3484 based on experience is
another question (like the ULA+global causing problems with multicast).
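The difference discussed in this message, as an added example that is not part of the original thread and is not kernel code: a small model of the selection policy as the quoted text describes it, next to a subset of RFC 3484's source rules (2: appropriate scope, 3: avoid deprecated, 8: longest matching prefix). The `Addr` class, the function names, the newest-first scan order and the 2001:db8::/32 sample addresses are all assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Addr:                      # hypothetical model of one interface address
    ip: str
    tentative: bool = False
    deprecated: bool = False

def scope(ip):
    a = ipaddress.IPv6Address(ip)
    if a.is_link_local:
        return 0x2
    if a.is_site_local:
        return 0x5
    return 0xE                   # everything else is treated as global scope

def common_prefix_len(a, b):
    diff = int(ipaddress.IPv6Address(a)) ^ int(ipaddress.IPv6Address(b))
    return 128 - diff.bit_length()

def select_described(addrs, dst):
    # Policy as described in the quoted text. addrs is in the order the
    # addresses were added; the scan is assumed to see the newest first.
    usable = [a for a in reversed(addrs)
              if not a.tentative and scope(a.ip) == scope(dst)]
    preferred = [a for a in usable if not a.deprecated]
    chosen = preferred or usable
    return chosen[0].ip if chosen else None

def select_rfc3484_subset(addrs, dst):
    # Rules 2, 3 and 8 only; rules 1 and 4-7 are left out of this model.
    d = scope(dst)
    def key(a):
        s = scope(a.ip)
        rule2 = (0, s) if s >= d else (1, -s)   # smallest scope that still covers dst
        return (rule2, a.deprecated, -common_prefix_len(a.ip, dst))
    usable = [a for a in addrs if not a.tentative]
    return min(usable, key=key).ip if usable else None

# Constructed sample: native address added first, slow tunnel address added last.
IFACE = [Addr("fe80::1"), Addr("2001:db8:1::10"), Addr("2001:db8:ffff::10")]
DST = "2001:db8:1::80"

if __name__ == "__main__":
    print("as described:  ", select_described(IFACE, DST))
    print("RFC 3484 rules:", select_rfc3484_subset(IFACE, DST))
```

With the constructed addresses, the described policy returns the tunnel address because it was added last, while rule 8 picks the native address that shares a 120-bit prefix with the destination.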