On 29/11/14 19:18, Michael Gorbach wrote:
> Hi All,
> I've got a question and potential enhancement request. It looks like
> right now, the (very useful) interface-name feature pulls all
> (global) addresses from the interface. One of my machines uses IPv6
> privacy extensions (known in Linux as use_tempaddr), which means that
> in addition to link-local and permanent global addresses, it has a
> rotating cast of ~ 5 temporary addresses. I suggest that dnsmasq
> should detect those temporary addresses and not return them for
> queries that would otherwise hit interface-name. Returning them as it
> does now means > 5 AAAA records for a single name, which causes
> repeated confusion due to things like SSH warning about an unknown
> host because it has suddenly picked a previously-unknown temporary
> address to connect to. Thoughts?

Sounds like a sensible suggestion. This facility was added before I was
really familiar with IPv6 and all its extra complications. Most of those
5 temporary addresses will be "deprecated", i.e. hanging around for the use
of existing connections, but not used for new ones. They definitely
shouldn't appear, but I'm pretty convinced, unless anyone can come up
with a good reason why not, that all privacy addresses should be elided,
without exception.

I wonder, though, if that's only true for forward (i.e. AAAA) lookups.
Should a reverse lookup on an old privacy address still yield the name
of the host it belongs to?
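
The filtering discussed in this thread, as an added example (not dnsmasq's code and not from either poster): it reads lines in the Linux /proc/net/if_inet6 layout and keeps only global, non-temporary addresses for AAAA answers. The sample lines, the function names publish_in_aaaa() and count_aaaa(), and the policy itself are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* IFA_F_TEMPORARY from <linux/if_addr.h>: set on privacy (use_tempaddr)
   addresses. Deprecated temporaries also carry IFA_F_DEPRECATED (0x20),
   so their flags read 0x21 and the single-bit test below covers them. */
#define F_TEMPORARY  0x01u
#define SCOPE_GLOBAL 0x00u  /* link-local scope is 0x20 */

/* Constructed sample, /proc/net/if_inet6 layout:
   address ifindex prefixlen scope flags device */
static const char *SAMPLE[] = {
    "fe80000000000000021122fffe334455 02 40 20 80 eth0", /* link-local */
    "20010db800000000021122fffe334455 02 40 00 00 eth0", /* stable global */
    "20010db800000000a1b2c3d4e5f60718 02 40 00 01 eth0", /* temporary, preferred */
    "20010db8000000005566778899aabbcc 02 40 00 21 eth0", /* temporary, deprecated */
    "20010db800010000021122fffe334466 03 40 00 00 eth1", /* other interface */
};
#define NSAMPLE (sizeof SAMPLE / sizeof SAMPLE[0])

/* Hypothetical policy helper: 1 if the address on this line should be
   returned in AAAA answers for ifname, 0 otherwise (or if malformed). */
int publish_in_aaaa(const char *line, const char *ifname)
{
    char addr[33], dev[32];
    unsigned idx, plen, scope, flags;
    if (sscanf(line, "%32s %x %x %x %x %31s",
               addr, &idx, &plen, &scope, &flags, dev) != 6)
        return 0;
    if (strlen(addr) != 32 || strcmp(dev, ifname) != 0)
        return 0;
    return scope == SCOPE_GLOBAL && !(flags & F_TEMPORARY);
}

/* Number of AAAA records the sample yields for ifname under that policy. */
int count_aaaa(const char *ifname)
{
    int n = 0;
    for (size_t i = 0; i < NSAMPLE; i++)
        n += publish_in_aaaa(SAMPLE[i], ifname);
    return n;
}

int main(void)
{
    for (size_t i = 0; i < NSAMPLE; i++)
        printf("%-4s %s\n",
               publish_in_aaaa(SAMPLE[i], "eth0") ? "keep" : "drop", SAMPLE[i]);
    printf("AAAA records for eth0: %d\n", count_aaaa("eth0"));
    return 0;
}
```

The reverse-lookup question raised above is left open here; the helper only models the forward (AAAA) case.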



