[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Temporary IPv6 addresses vs. netgroups
On Thu, Jan 31, 2013 at 10:27:53PM +1100, Darren Reed wrote:
> is%netbsd.org@localhost wrote:
> >On Thu, Jan 31, 2013 at 09:57:17PM +1100, Darren Reed wrote:
> >>I wonder if focusing on addresses is the correct thing to do.
> >>Should we in fact be focusing on network interfaces instead?
> >No. At least that's a different problem.
> >We started talking about multiple addresses on the same LAN, some being
> >randomized and only intended for pseudonymous access to untrusted peers.
> >The desire is to have an application tell it doesn't want to use them;
> >think address-authorized lpr or nfs.
> What about being able to give an address a "metric" that enabled
> a sorting order for address selection?
> # ifconfig bge0 alias 192.168.1.1 netmask 255.255.255.0 weight 15
> # ifconfig bge0 alais 10.1.1.1 netmask 255.255.252.0 weight 50
Well, but we'd need that per-application or per-socket! Sometimes
we want one, sometimes the other.
The problem with temporary addresses is that they occupy exactly
the same subnet as the fixed/dhcp/autoconfigured addresses we want
to avoid or prefer, depending on application; so per-process routing
tables don't help, either.
The more proposals I read, the more I think that the original problem
can easiest be solved by allowing interested applications to bind,
where this isn't yet possible.
To make this generic, we'd need a generic tag list per address, or
as the next-to-minimal solution a flag "temporary" and a method to
prefer permanent vs. temporary. A hack would be to have a socket option
that selects longest vs. shortest lifetime addresses.
Main Index |
Thread Index |