[syslog-ng] IPv6 Link local address use with syslog-ng

Philip Bellino pbellino at mrv.com
Tue Nov 20 14:41:07 CET 2007


Bazsi,

Linux 2.6.x, Windows XP, Windows Vista, FreeBSD, Solaris 8 and up. All
support IPv6 which of course supports Link Local addresses. 
Execute the following commands to see the IPv6 configuration:
Linux/FreeBSD - /sbin/ifconfig
Windows - ipconfig /all
Solaris - ifconfig -a

You are correct in that the Link Local address is only valid on the
local Lan and it is not routable.
A link local address is derived from the kernel at boot time. It is
denoted by the leading "fe80::".  What follows is the ethernet address
of the host with an ff:fe stuffed in.
For example, is the ethernet address of host is 02:a1:9d:00:ae:44, then
the link local address will be fe80::2a1:9dff:fe00:ea44.  Please note
that :: denotes that the next field(s) are all zeros.  Also leading
zeros can be dropped.

I believe the theory behind link local addresses was to have basic
native IPv6 connectivity right out of the box without any user
configuration.  When IPv6 was still in its infancy, there were no IPv6
routers available and tunneling had(and still is) to be used which
basically wrapped the IPv6 packet inside an IPv4 packet that could be
routed and then be unwrapped once it was received at the final
destination.

Why the IPv6 gurus require the link local address to be scoped is still
a mystery to me, but since it is, the rule is that the stack needs to
know which interface to send the IPv6 packet out of, so "ip_ttl" does
not apply here.
Please note that the scope_id is not needed for Link Global IPv6
addresses. 

I could be wrong in what follows, but since the syslog-ng code uses the
"Zorp" style code for bind(g_bind) and connect(g_connect), it seems that
it doesn't have the necessary info needed in the "GSockAddr" structure
in gsockaddr.h to accommodate the sin6.sin6_scope_id.

I hope this helps.
Phil



-----Original Message-----
From: syslog-ng-bounces at lists.balabit.hu
[mailto:syslog-ng-bounces at lists.balabit.hu] On Behalf Of Balazs
Scheidler
Sent: Tuesday, November 20, 2007 5:56 AM
To: Syslog-ng users' and developers' mailing list
Subject: Re: [syslog-ng] IPv6 Link local address use with syslog-ng


On Mon, 2007-11-19 at 12:57 -0500, Philip Bellino wrote:
> Simon,
> I tried  "tcp6(ip(fe80::220:abff:febe:4dac%eth0) port(1468));" in my
earlier testing and received the syslog error:
> 
> "Error binding socket" addr='AF_INET6(fe80::220:abff:febe:4dac)',
error='Invalid argument (22)'
> 

It does not work yet, Simon has only suggested a configuration
interface. Can you enlighten me what is a link-local address? Am I right
to assume that it is an address that can only be used on the local LAN?

Can you explain why it is useful? (to restrict packets to the local
LAN?) syslog-ng supports an option named ip_ttl() and it lets you set
the maximum hop count on the packet. Isn't this a substitute?

Can you point me to a package that supports link-local addresses?

-- 
Bazsi

_______________________________________________
syslog-ng maillist  -  syslog-ng at lists.balabit.hu
https://lists.balabit.hu/mailman/listinfo/syslog-ng
Frequently asked questions at http://www.campin.net/syslog-ng/faq.html



More information about the syslog-ng mailing list