From: Remi Denis-Courmont <rdenis@simphalempin.com>
To: Juha-Matti Tapio <jmtapio@verkkotelakka.net>
Cc: yoshfuji@linux-ipv6.org, netdev@vger.kernel.org
Subject: Re: [PATCH 2/2] [IPV6]: Fix source address selection for ORCHIDaddresses
Date: Mon, 3 Mar 2008 11:19:40 +0100 [thread overview]
Message-ID: <04ba29fb2d9e370fd968ee2906a149c1@chewa.net> (raw)
In-Reply-To: <20080302215954.GS5813@verkkotelakka.net>
On Sun, 2 Mar 2008 23:59:54 +0200, Juha-Matti Tapio
<jmtapio@verkkotelakka.net> wrote:
>> Then, what you should do is to appropriately configure your policy
>> (label) table via the addrlabel subsystem.
>
> That would propably mean doing something like merging labels 1 (::/0),
> 2 (6to4) and 6 (Teredo) together? I suppose that could be possible,
> since after all there is also the workaround of just getting separate
> 6to4 addresses for all the necessary interfaces.
Please do NOT do this.
6to4 and Teredo have separate labels for a reason: 6to4-to-6to4 is
reliable, and Teredo-to-Teredo is fairly OK. 6to4-to-native often fails,
and Teredo-to-native very often fails due to missing, congested or even
mis-configured relays between the native IPv6 bone, and these two
transition mechanism.
These labels are there to try to force native-native, 6to4-6to4, IPv4-IPv4,
Teredo-Teredo (in that priority order) before trying mismatching pairs
(native/6to4, native/Teredo, 6to4/Teredo). The Linux kernel currently has
this settings basically _right_. Unfortunately, glibc has the settings
_wrong_ (IMHO): while it has the same labels has the kernel, the way glibc
does private IPv4 addresses scoping breaks at Rule 2, which bypasses the
IPv6 transition mechanism labels at Rule 5. And will also break the ORCHID
label when it is added :( That's a different story, but you may want to
make that is not where you problems are coming from.
> Moving the check to rule 0 would be ok by me. I personally prefer this
> option. Configuring the labels manually requires quite a lot of
> knowledge about addresses from the admin.
And worst, glibc does not sync its label table with the kernel, so you have
do replicate the settings.
--
Rémi Denis-Courmont
http://www.remlab.net
next prev parent reply other threads:[~2008-03-03 10:19 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-02-21 10:08 [PATCH 2/2] [IPV6]: Fix source address selection for ORCHID addresses Juha-Matti Tapio
2008-02-29 4:55 ` David Miller
2008-03-02 12:39 ` YOSHIFUJI Hideaki / 吉藤英明
2008-03-02 16:54 ` Juha-Matti Tapio
2008-03-02 18:02 ` YOSHIFUJI Hideaki / 吉藤英明
2008-03-02 21:59 ` Juha-Matti Tapio
2008-03-03 10:19 ` Remi Denis-Courmont [this message]
2008-03-03 11:19 ` [PATCH 2/2] [IPV6]: Fix source address selection for ORCHIDaddresses Juha-Matti Tapio
2008-03-02 18:11 ` [PATCH 2/2] [IPV6]: Fix source address selection for ORCHID addresses Rémi Denis-Courmont
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=04ba29fb2d9e370fd968ee2906a149c1@chewa.net \
--to=rdenis@simphalempin.com \
--cc=jmtapio@verkkotelakka.net \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).