Go to main content

Configuring and Managing Network Components in Oracle® Solaris 11.4

Exit Print View

Updated: January 2019
 
 

Administering Default Address Selection

A single IP interface can have multiple IP addresses. For example, technologies such as IPMP enable multiple NICs to connect to the same IP link layer. That link can have one or more IP addresses. Additionally, IPv6-enabled interfaces have a link-local IPv6 address, at least one IPv6 routing address, and an IPv4 address for at least one interface.

In such cases, applications must know which address to use especially when communicating with target systems. Address selection and ordering is the process by which the operating system selects and prioritizes the appropriate addresses to use to reach destination hosts.

The /etc/inet/ipaddrsel.conf file contains selected and prioritized addresses:

Table 1  IPv6 Address Selection Policy Table
Prefix
Precedence
Definition
::1/128
50
Loopback
::/0
40
Default
2002::/16
30
6to4
::/96
20
IPv4 Compatible
::ffff:0:0/96
10
IPv4

In this table, IPv6 prefixes (::1/128 and ::/0) take precedence over 6to4 addresses (2002::/16) and IPv4 addresses (::/96 and ::ffff:0:0/96). Therefore, by default, the kernel selects the global IPv6 address of the interface for packets going to another IPv6 destination. The IPv4 address of the interface has a lower priority, particularly for packets going to an IPv6 destination. Given the selected IPv6 source address, the kernel also uses the IPv6 format for the destination address.

Both IPv4-only and dual-stack IPv4/IPv6 systems must perform default address selection. In most circumstances, you do not need to change the default address selection mechanisms in this file. However, you might need to change the priority of address formats in certain cases such as the following:

  • If the system has an interface that is used for a 6to4 tunnel, you can assign a higher priority to the 6to4 addresses.

  • If you want a particular source address to be used only in communications with a particular destination address, you can add these addresses to the policy table. Then, you can use the ipadm command to flag these addresses, as preferred. See the ipadm(8) man page.

  • If you want IPv4 addresses to take precedence over IPv6 addresses, you can change the priority of ::ffff:0:0/96 to a higher number.

  • If you need to assign a higher priority to deprecated addresses, you can add the deprecated address to the policy table. For example, site-local addresses are now deprecated in IPv6. These addresses have the prefix fec0::/10. You can change the policy table to assign a higher priority to site-local addresses.

For more information about address selection, see the ipaddrsel(8) and getaddrinfo(3C) man pages. For IPv6, see the inet6(3C) man page.

How to Administer the IPv6 Address Selection Policy Table


Caution

Caution  -  Do not change the IPv6 address selection policy table unless necessary. Otherwise, network problems might occur due to a badly constructed policy table.


Before You Begin

Ensure that your role has the appropriate rights profile to perform this procedure. See Using Rights Profiles to Perform Network Configuration.

  1. Review the current IPv6 address selection policy table.
    $ ipaddrsel
    # Prefix                  Precedence Label
    ::1/128                           50 Loopback
    ::/0                              40 Default
    2002::/16                         30 6to4
    ::/96                             20 IPv4_Compatible
    ::ffff:0.0.0.0/96                 10 IPv4
  2. Make a backup copy of the default address policy table.

    Do one of the following steps:

    • To make persistent changes:
      $ cp /etc/inet/ipaddrsel.conf /etc/inet/ipaddrsel.conf.orig
    • To make changes only for the current session:
      $ cp /etc/inet/ipaddrsel.conf /etc/inet/temp.conf
  3. Edit the file by adding customizations in the following format:
    prefix/prefix-length precedence label [# comment ]

    For example, you edit either ipaddrsel.conf or temp.conf.

  4. Load the modified policy table into the kernel.
    $ ipaddrsel -f /etc/inet/filename

    For example, you load either ipaddrsel.conf or temp.conf. For non-persistent changes, the kernel uses the policies in temp.conf until you reboot the system.

  5. If the modified policy table has problems, restore the default IPv6 address selection policy table.
    $ ipaddrsel -d
Example 7  Modifying the Default IPv6 Address Selection Policy Table

    This list illustrates possible ways to change the address priority in the policy table:

  • Assign the highest priority to 6to4 addresses.

    2002::/16                         50 6to4
    ::1/128                           45 Loopback

    The 6to4 address format now has the highest priority, 50. Loopback, which previously had a 50 precedence, now has a 45 precedence. The other addressing formats remain the same.

  • Designate a specific source address to be used in communications with a specific destination address.

    ::1/128                           50 Loopback
    2001:1111:1111::1/128             40 ClientNet
    2001:2222:2222::/48               40 ClientNet
    ::/0                              40 Default

    This particular entry is useful for hosts with only one physical interface. Here, 2001:1111:1111::1/128 is preferred as the source address on all packets that are bound for destinations within network 2001:2222:2222::/48. The 40 priority gives higher precedence to the source address 2001:1111:1111::1/128 than to other address formats configured for the interface.

  • Favor IPv4 addresses over IPv6 addresses.

    ::ffff:0.0.0.0/96                 60 IPv4
    ::1/128                           50 Loopback
    .

    The IPv4 format ::ffff:0.0.0.0/96 has its precedence changed from the default 10 to 60, the highest priority in the table.