Administering Default Address Selection
The Solaris OS enables a single interface to have multiple IP addresses. For
example, technologies, such as network multipathing (IPMP) enable multiple network interface cards (NICs)
to connect to the same IP link layer. That link can have one
or more IP addresses. Additionally, interfaces on IPv6-enabled systems have a link-local IPv6
address, at least one IPv6 routing address, and an IPv4 address for at
least one interface.
When the system initiates a transaction, an application makes a call to the
getaddrinfo socket. getaddrinfo discovers the possible address in use on the destination system.
The kernel then prioritizes this list to find the best destination to use
for the packet. This process is called destination address ordering. The Solaris kernel then selects the
appropriate format for the source address, given the best destination address for the
packet. The process is known as address selection. For more information on destination
address ordering, see the getaddrinfo(3SOCKET) man page.
Both IPv4-only and dual-stack IPv4/IPv6 systems must perform default address selection. In most
circumstances, you do not need to change the default address selection mechanisms. However,
you might need to change the priority of address formats to support IPMP
or to prefer 6to4 address formats, for example.
How to Administer the IPv6 Address Selection Policy Table
The following procedure explains how to modify the address selection policy table. For
conceptual information about IPv6 default address selection, refer to ipaddrsel Command.
Caution - Do not change the IPv6 address selection policy table, except for the reasons
shown in the next task. You can cause problems on the network with
a badly constructed policy table. Be sure to save a backup copy
of the policy table, as is done in the next procedure.
- Assume the Primary Administrator role, or become superuser.
The Primary Administrator role includes the Primary Administrator profile. To create the role
and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.
- Review the current IPv6 address selection policy table.
# ipaddrsel
# Prefix Precedence Label
::1/128 50 Loopback
::/0 40 Default
2002::/16 30 6to4
::/96 20 IPv4_Compatible
::ffff:0.0.0.0/96 10 IPv4
- Make a backup copy of the default address policy table.
# cp /etc/inet/ipaddrsel.conf /etc/inet/ipaddrsel.conf.orig
- Use a text editor to add your customizations to /etc/inet/ipaddrsel.conf.
Use the following syntax for entries in /etc/inet/ipaddrsel:
prefix/prefix-length precedence label [# comment ]
Here are some common modifications that you might want to make to
your policy table:
Give the highest priority to 6to4 addresses.
2002::/16 50 6to4
::1/128 45 Loopback
The 6to4 address format now has the highest priority, 50. Loopback, which previously had a 50 precedence, now has a 45 precedence. The other addressing formats remain the same.
Designate a specific source address to be used in communications with a specific destination address.
::1/128 50 Loopback
2001:1111:1111::1/128 40 ClientNet
2001:2222:2222::/48 40 ClientNet
::/0 40 Default
This particular entry is useful for hosts with only one physical interface. Here 2001:1111:1111::1/128 is preferred as the source address on all packets that are bound for destinations within network 2001:2222:2222::/48. The 40 priority gives higher precedence to the source address 2001:1111:1111::1/128 than to other address formats configured for the interface.
Favor IPv4 addresses over IPv6 addresses.
::ffff:0.0.0.0/96 60 IPv4
::1/128 50 Loopback
.
.
The IPv4 format ::ffff:0.0.0.0/96 has its precedence changed from the default 10 to 60, the highest priority in the table.
- Load the modified policy table into the kernel.
ipaddrsel -f /etc/inet/ipaddrsel.conf
- If the modified policy table has problems, restore the default IPv6 address selection
policy table.
# ipaddrsel -d
How to Modify the IPv6 Address Selection Table for the Current Session Only
When you edit the /etc/inet/ipaddrsel.conf, file, any modifications that you make persist across
reboots. If you want the modified policy table to exist only in the
current session, follow this procedure.
- Assume the Primary Administrator role, or become superuser.
The Primary Administrator role includes the Primary Administrator profile. To create the role
and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.
- Copy the contents of /etc/inet/ipaddrsel into filename, where filename represents a name of
your choice.
# cp /etc/inet/ipaddrsel filename
- Edit the policy table in filename to your specifications.
- Load the modified policy table into the kernel.
# ipaddrsel -f filename
The kernel uses the new policy table until you reboot the system.