Posts

Showing posts from May 17, 2020

LinuxでのSLAAC IPv6アドレス自動設定

Linuxにおいて、SLAACによるIPv6アドレスアサインにはいくつかのモードがあり、以下のカーネルパラメータをセットすることで制御できるようです。 addr_gen_mode - INTEGER Defines how link-local and autoconf addresses are generated. 0: generate address based on EUI64 (default) 1: do no generate a link-local address, use EUI64 for addresses generated from autoconf 2: generate stable privacy addresses, using the secret from stable_secret (RFC7217) 3: generate stable privacy addresses, using a random secret if unset モード2のRFC7217形式を利用するためには以下のように 、 stable_secretをあらかじめセットしておく必要があります。 stable_secret - IPv6 address This IPv6 address will be used as a secret to generate IPv6 addresses for link-local addresses and autoconfigured ones. All addresses generated after setting this secret will be stable privacy ones by default. This can be changed via the addrgenmode ip-link. conf/default/stable_secret is used as the secret for the namespace, the interface specific ones can overwrite that. Writes to conf/all/stable_secret are refused. It is r