| 1 |
AFAIK, link-local addresses shall not be used for usual services like |
| 2 |
HTTP. They are only for neighbour discovery, local multicasts (all local |
| 3 |
NTP servers, all local DHCP servers, and so on) or pinging. |
| 4 |
|
| 5 |
It is possible (by specifying %interface) to access them, but this |
| 6 |
remains unimplemented in most programs, as it is not usual / advisable |
| 7 |
to use them this way. |
| 8 |
|
| 9 |
I think your intention was probably to do some local testing in a LAN, |
| 10 |
IPv6 offers two working possibilities: |
| 11 |
|
| 12 |
* Usage of site-local addresses: For simple local testing, you could |
| 13 |
assign (usually statically) site-local addresses. These are not routed |
| 14 |
to the internet, but are not local to a single interface, and therefore |
| 15 |
routed as usual IPv6 unicast traffic. However, this method has be |
| 16 |
declared as obsolete and should not be used any more, but it still works |
| 17 |
in all implementations I've seen. |
| 18 |
|
| 19 |
* The "real" way for addresses within a LAN is to assign globally unique |
| 20 |
addresses. In IPv6, this usually works this way: The ISP assigns a /64 |
| 21 |
subnet to your local router, who propagates this subnet via router |
| 22 |
advertisements as the local network prefix. All computers in the network |
| 23 |
choose their address within this subnet, either statically (default) or |
| 24 |
randomly (privacy extensions). It is then possible, that those addresses |
| 25 |
can be used world-wide, in order to isolate machines within your |
| 26 |
network, AFAIK the advised way is to set up a proper firewall on your |
| 27 |
router (or local machine), denying world wide access. |
| 28 |
|
| 29 |
However, the world of IPv6 changed a lot and many things got obsoleted / |
| 30 |
extended, it's sometimes hard to find documentation about the really |
| 31 |
advised newest way of doing things... In addition, there's of course |
| 32 |
lots of criticism, especially about privacy or security. |
| 33 |
|
| 34 |
I used to try out site-local addresses first btw, despite they were |
| 35 |
already obsoleted some time ago. |
| 36 |
|
| 37 |
Regards, |
| 38 |
Felix |
| 39 |
|
| 40 |
Am 19.01.2012 16:25, schrieb Michael Mol: |
| 41 |
> Grant Edwards wrote: |
| 42 |
>> How do you specify a link-local ipv6 address in /etc/hosts? |
| 43 |
>> |
| 44 |
>> For example, I can ping/telnet/ssh to fe80::02c0:4eff:fe07:0005%eth1, |
| 45 |
>> but I can't figure out how to put that address in /etc/hosts so I can |
| 46 |
>> access it by name. |
| 47 |
> Tried several different approaches, can't get any of them to work. I |
| 48 |
> don't know where the bug is, though. |
| 49 |
> |
| 50 |
> I did find that if I leave off the %iface in /etc/hosts, I get an |
| 51 |
> "invalid argument" error from ping6. I suspect there's a bug in ping6. |
| 52 |
> Working directly and extensively with link-local interfaces is *bound* |
| 53 |
> to reveal a bunch of bugs, because that's not intended SOP in IPv6, you |
| 54 |
> have to be more aware of which link scope you're talking to, and I doubt |
| 55 |
> most developers take it into account. |
| 56 |
> |
| 57 |
>> Similarly, how do you enter an ipv6 link-local address in Firefox or |
| 58 |
>> Opera? curl seems to accept such an address and return the proper web |
| 59 |
>> page, but I can't find any interactive browser (graphical or |
| 60 |
>> command-line) that will accept a link-local address. So far I've |
| 61 |
>> tried Firefox Opera w3m links. According to RFC2732 it looks like the |
| 62 |
>> format should be |
| 63 |
>> |
| 64 |
>> http://[fe80::02c0:4eff:fe07:0005%eth1]:80/ |
| 65 |
>> |
| 66 |
>> But none of the browsers accept that. |
| 67 |
> That's probably a bug in each browser. |
| 68 |
> |
| 69 |
> |
Archives