[PATCH] Add an option for RFC5014 IPv6 source address preference
Maximilian Eschenbacher
wsrajill at m.t.kajt.de
Thu Jun 3 05:21:52 AEST 2021
Hey,
this topic is indeed interesting.
I've read up on the bugreport: The patch does not seem to include the
preference flags to getaddinfo(3) as discussed here
https://bugzilla.redhat.com/show_bug.cgi?id=512032#c8. Is this
intentional?
https://biplane.com.au/blog/?p=30 lists the first three options to
globally control the ipv6 source address preference on linux. Technique
four and five can be used per socket (and by extension per process):
- Technique One: Deprecate the addresses you don't want selected
via ip addr change $ip dev $dev preferred_lft 0
- Technique Two: Modify the label table
via ip addrlabel
- Technique Three: Prefer privacy addresses
via sysctl /proc/sys/net/ipv6/conf/$dev/use_tempaddr
- Technique Four: setsockopt(2) (may be set per socket)
- Technique Five: bind(2) (may be set per socket)
Is this assessment correct or did I miss some options?
BR
Maximilian Eschenbacher
More information about the openssh-unix-dev
mailing list