[Dnsmasq-discuss] IPv6 link-local addresses and listen-address parameter

Dan Williams dcbw at redhat.com
Mon Aug 5 15:22:11 BST 2013


On Sun, 2013-08-04 at 19:43 +0545, Phil Davis wrote:
> In a valid IPv4 configuration, the IP address of every interface on a 
> device has to be different. So the --listen-address parameter specifies 
> particular IPv4 addresses, and those are unique on the box, each IPv4 
> address appears on 1 and only 1 interface. So --listen-address is easily 
> used to specify what is required, without needing --interface.
> In IPv6, the link-local address can be the same on multiple interfaces. 
> This can happen by design - e.g. every LAN interface on a router is set 
> to fe80::1 - or in a scenario with some sort of virtual interfaces 
> running on a physical NIC, the software might use the same underlying 
> MAC address of the NIC to generate the link-local address. So all the 
> VPN interfaces, or VLAN interfaces or whatever turn out to have the same 
> link-local address. I believe this is all valid in IPv6. (Stop here and 
> tell me if it is not!)
> This makes it not possible to use --listen-address for IPv6 link-local 
> addresses that appear on multiple interfaces. (unless you do happen to 
> want to listen on them all)
> If you want to listen to both IPv4 and IPv6 on a set of interfaces, then 
> you can use --interface and/or --except-interface - but that can also be 
> tricky "IP alias interfaces (eg "eth1:0") cannot be used with 

"IP alias interfaces" actually aren't interfaces at all.  They just look
that way in 'ifconfig', but nowhere else.  What 'ifconfig' shows as an
"alias interface" is actually just an IP address with a label.  If you
set up an alias interface, try:

cat /proc/net/dev
ls /sys/class/net
ip link show

and you won't see the alias interface anywhere, because it's not
actually an interface...  which is why you can't use actualy use it with
--interface or --except-interface.  Aliases are actually just extra IP
addresses, and ifconfig simply can't handle them.

Dan

> *--interface* or *--except-interface* options, use --listen-address 
> instead". And what if someone does want to listen to some mixture of 
> IPv4 and IPv6 addresses on particular interfaces.
> There is a discussion about this on pfSense: 
> http://forum.pfsense.org/index.php/topic,65109.msg353680.html#msg353680
> My question is, when an IPv6 address is duplicated on multiple 
> interfaces, is there a way to specify listening on a particular 
> combination of IPv6 address+interface?
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss





More information about the Dnsmasq-discuss mailing list