[Dnsmasq-discuss] IPv6 link-local addresses and listen-address parameter

[Phil Davis]

In a valid IPv4 configuration, the IP address of every interface on a 
device has to be different. So the --listen-address parameter specifies 
particular IPv4 addresses, and those are unique on the box, each IPv4 
address appears on 1 and only 1 interface. So --listen-address is easily 
used to specify what is required, without needing --interface.
In IPv6, the link-local address can be the same on multiple interfaces. 
This can happen by design - e.g. every LAN interface on a router is set 
to fe80::1 - or in a scenario with some sort of virtual interfaces 
running on a physical NIC, the software might use the same underlying 
MAC address of the NIC to generate the link-local address. So all the 
VPN interfaces, or VLAN interfaces or whatever turn out to have the same 
link-local address. I believe this is all valid in IPv6. (Stop here and 
tell me if it is not!)
This makes it not possible to use --listen-address for IPv6 link-local 
addresses that appear on multiple interfaces. (unless you do happen to 
want to listen on them all)
If you want to listen to both IPv4 and IPv6 on a set of interfaces, then 
you can use --interface and/or --except-interface - but that can also be 
tricky "IP alias interfaces (eg "eth1:0") cannot be used with 
*--interface* or *--except-interface* options, use --listen-address 
instead". And what if someone does want to listen to some mixture of 
IPv4 and IPv6 addresses on particular interfaces.
There is a discussion about this on pfSense: 
http://forum.pfsense.org/index.php/topic,65109.msg353680.html#msg353680
My question is, when an IPv6 address is duplicated on multiple 
interfaces, is there a way to specify listening on a particular 
combination of IPv6 address+interface?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20130804/30b9d8d4/attachment.html>