Sorry for my late comment. This is what I told Tim after dhc session, though.
On 2005/08/03, at 16:33, Francis Dupont wrote: > In your previous mail you wrote: > > In a managed DHC environment, privacy addresses can be returned by DHCPv6 > for client use, but my reading of RFC3315 suggests (section 12) that the > request is client initiated, which implies there should/could be some > policy > that could be distributed by DHCP itself to hint to the client that it can > make the request. > > I appreciate Keith's point that per-application (non) usage may also be > desirable, but there is an API being proposed for that? It should probably > have some relationship to the site policy though? > > => this point is supposed to be solved by RFC 3484 and related APIs but: > - the private/public address switch (rule 7) is not in the policy table > - related APIs assume that every applications were changed in order to > use them (so they are nearly useless). > > Regards Of course, the privacy/public address switch isn't in the policy table, you can control it by configuring policy table in not a beautiful way. It's too simple. Just put a privacy address with 128-bit prefix-len into the policy table. Prefix Prec Label 2001:db8:1:1:a:b:c:d/128 1 1 <-- privacy address 2001:db8:1:1::/64 10 2 ::/0 10 2 In this case, the privacy address won't be used anymore to any dst by default address selection. Alternatively, you can specify public address with 128-bit prefix-len and can prioritize public address over privacy one, or vice versa. Prefix Prec Label 2001:db8:1:1:a:b:c:d/128 10 2 <-- public address 2001:db8:1:1::/64 1 1 ::/0 10 2 In this case, the privacy address will be used to connect to the hosts on the same link, though. As a privacy address is re-generated periodically, the policy table has to be updated accordingly in the former case. -- Arifumi Matsumoto <[EMAIL PROTECTED]> Ubiquitous Computing Project NTT Information Sharing Platform Laboratories TEL: +81-422-59-3334 / FAX: +81-422-59-5652 -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www1.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------