System Administration Guide: IP Services

ProcedureHow to Administer the IPv6 Address Selection Policy Table

The following procedure explains how to modify the address selection policy table. For conceptual information about IPv6 default address selection, refer to ipaddrsel Command.

Caution – Caution –

Do not change the IPv6 address selection policy table, except for the reasons shown in the next task. You can cause problems on the network with a badly constructed policy table. Be sure to save a backup copy of the policy table, as is done in the next procedure.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Review the current IPv6 address selection policy table.

    # ipaddrsel
    # Prefix                  Precedence Label
    ::1/128                           50 Loopback
    ::/0                              40 Default
    2002::/16                         30 6to4
    ::/96                             20 IPv4_Compatible
    ::ffff:                 10 IPv4
  3. Make a backup copy of the default address policy table.

    # cp /etc/inet/ipaddrsel.conf /etc/inet/ipaddrsel.conf.orig
  4. Use a text editor to add your customizations to /etc/inet/ipaddrsel.conf.

    Use the following syntax for entries in /etc/inet/ipaddrsel:

    prefix/prefix-length precedence label [# comment ] 

    Here are some common modifications that you might want to make to your policy table:

    • Give the highest priority to 6to4 addresses.

      2002::/16                         50 6to4
      ::1/128                           45 Loopback

      The 6to4 address format now has the highest priority, 50. Loopback, which previously had a 50 precedence, now has a 45 precedence. The other addressing formats remain the same.

    • Designate a specific source address to be used in communications with a specific destination address.

      ::1/128                           50 Loopback
      2001:1111:1111::1/128             40 ClientNet
      2001:2222:2222::/48               40 ClientNet
      ::/0                              40 Default

      This particular entry is useful for hosts with only one physical interface. Here 2001:1111:1111::1/128 is preferred as the source address on all packets that are bound for destinations within network 2001:2222:2222::/48. The 40 priority gives higher precedence to the source address 2001:1111:1111::1/128 than to other address formats configured for the interface.

    • Favor IPv4 addresses over IPv6 addresses.

      ::ffff:                 60 IPv4
      ::1/128                           50 Loopback

      The IPv4 format ::ffff: has its precedence changed from the default 10 to 60, the highest priority in the table.

  5. Load the modified policy table into the kernel.

    ipaddrsel -f /etc/inet/ipaddrsel.conf
  6. If the modified policy table has problems, restore the default IPv6 address selection policy table.

    # ipaddrsel -d