1 |
AFAIK, link-local addresses shall not be used for usual services like |
2 |
HTTP. They are only for neighbour discovery, local multicasts (all local |
3 |
NTP servers, all local DHCP servers, and so on) or pinging. |
4 |
|
5 |
It is possible (by specifying %interface) to access them, but this |
6 |
remains unimplemented in most programs, as it is not usual / advisable |
7 |
to use them this way. |
8 |
|
9 |
I think your intention was probably to do some local testing in a LAN, |
10 |
IPv6 offers two working possibilities: |
11 |
|
12 |
* Usage of site-local addresses: For simple local testing, you could |
13 |
assign (usually statically) site-local addresses. These are not routed |
14 |
to the internet, but are not local to a single interface, and therefore |
15 |
routed as usual IPv6 unicast traffic. However, this method has be |
16 |
declared as obsolete and should not be used any more, but it still works |
17 |
in all implementations I've seen. |
18 |
|
19 |
* The "real" way for addresses within a LAN is to assign globally unique |
20 |
addresses. In IPv6, this usually works this way: The ISP assigns a /64 |
21 |
subnet to your local router, who propagates this subnet via router |
22 |
advertisements as the local network prefix. All computers in the network |
23 |
choose their address within this subnet, either statically (default) or |
24 |
randomly (privacy extensions). It is then possible, that those addresses |
25 |
can be used world-wide, in order to isolate machines within your |
26 |
network, AFAIK the advised way is to set up a proper firewall on your |
27 |
router (or local machine), denying world wide access. |
28 |
|
29 |
However, the world of IPv6 changed a lot and many things got obsoleted / |
30 |
extended, it's sometimes hard to find documentation about the really |
31 |
advised newest way of doing things... In addition, there's of course |
32 |
lots of criticism, especially about privacy or security. |
33 |
|
34 |
I used to try out site-local addresses first btw, despite they were |
35 |
already obsoleted some time ago. |
36 |
|
37 |
Regards, |
38 |
Felix |
39 |
|
40 |
Am 19.01.2012 16:25, schrieb Michael Mol: |
41 |
> Grant Edwards wrote: |
42 |
>> How do you specify a link-local ipv6 address in /etc/hosts? |
43 |
>> |
44 |
>> For example, I can ping/telnet/ssh to fe80::02c0:4eff:fe07:0005%eth1, |
45 |
>> but I can't figure out how to put that address in /etc/hosts so I can |
46 |
>> access it by name. |
47 |
> Tried several different approaches, can't get any of them to work. I |
48 |
> don't know where the bug is, though. |
49 |
> |
50 |
> I did find that if I leave off the %iface in /etc/hosts, I get an |
51 |
> "invalid argument" error from ping6. I suspect there's a bug in ping6. |
52 |
> Working directly and extensively with link-local interfaces is *bound* |
53 |
> to reveal a bunch of bugs, because that's not intended SOP in IPv6, you |
54 |
> have to be more aware of which link scope you're talking to, and I doubt |
55 |
> most developers take it into account. |
56 |
> |
57 |
>> Similarly, how do you enter an ipv6 link-local address in Firefox or |
58 |
>> Opera? curl seems to accept such an address and return the proper web |
59 |
>> page, but I can't find any interactive browser (graphical or |
60 |
>> command-line) that will accept a link-local address. So far I've |
61 |
>> tried Firefox Opera w3m links. According to RFC2732 it looks like the |
62 |
>> format should be |
63 |
>> |
64 |
>> http://[fe80::02c0:4eff:fe07:0005%eth1]:80/ |
65 |
>> |
66 |
>> But none of the browsers accept that. |
67 |
> That's probably a bug in each browser. |
68 |
> |
69 |
> |