(usagi-users 00463) Re: IPv6: Incoming RA source-address may be non- link-local

[itojun@xxxxxxxxxx]

>Note that there is in net/ipv6/route.c:
>---
>                        /* IPv6 strictly inhibits using not link-local
>                           addresses as nexthop address.
>                           Otherwise, router will not able to send redirects.
>                           It is very good, but in some (rare!) curcumstances
>                           (SIT, PtP, NBMA NOARP links) it is handy to allow
>                           some exceptions. --ANK
>                         */
>---
>I wonder what these circumstances are, exactly.

	the above comment is correct.  nexthop values needs to be linklocal
	adderss, otherwise icmp6 redirect will not work right.
	(the icmp6 redirect input logic will fail to detect if the nexthop is
	legal one or not)

>Sit tunnels usually do
>use global addressing, and next hop is non link-local (on KAME too), but
>that doesn't mean those wouldn't have link-local address at all.

	no, we (KAME) do not recommend using global address on tunnels.
	we do not forbid it, though.

	if you want to configure a route to tunnel interface, use:
	# route add -inet6 3ffe:foo:baa:: -prefixlen 48 ::1
	# route change -inet6 3ffe:foo:baa:: -prefixlen 48 ::1 -ifp gif0
	this way you don't need to talk about global nexthops.

itojun