[Dnsmasq-discuss] IPv6 link-local addresses and listen-address parameter
Phil Davis
phil.davis at inf.org
Sun Aug 4 14:58:10 BST 2013
In a valid IPv4 configuration, the IP address of every interface on a
device has to be different. So the --listen-address parameter specifies
particular IPv4 addresses, and those are unique on the box, each IPv4
address appears on 1 and only 1 interface. So --listen-address is easily
used to specify what is required, without needing --interface.
In IPv6, the link-local address can be the same on multiple interfaces.
This can happen by design - e.g. every LAN interface on a router is set
to fe80::1 - or in a scenario with some sort of virtual interfaces
running on a physical NIC, the software might use the same underlying
MAC address of the NIC to generate the link-local address. So all the
VPN interfaces, or VLAN interfaces or whatever turn out to have the same
link-local address. I believe this is all valid in IPv6. (Stop here and
tell me if it is not!)
This makes it not possible to use --listen-address for IPv6 link-local
addresses that appear on multiple interfaces. (unless you do happen to
want to listen on them all)
If you want to listen to both IPv4 and IPv6 on a set of interfaces, then
you can use --interface and/or --except-interface - but that can also be
tricky "IP alias interfaces (eg "eth1:0") cannot be used with
*--interface* or *--except-interface* options, use --listen-address
instead". And what if someone does want to listen to some mixture of
IPv4 and IPv6 addresses on particular interfaces.
There is a discussion about this on pfSense:
http://forum.pfsense.org/index.php/topic,65109.msg353680.html#msg353680
My question is, when an IPv6 address is duplicated on multiple
interfaces, is there a way to specify listening on a particular
combination of IPv6 address+interface?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20130804/30b9d8d4/attachment.html>
More information about the Dnsmasq-discuss
mailing list