Hi Pekka, > Operational input: when discussing the use of RFC4941 > (privacy) addresses with our LAN/workstation admins, it > seemed as if there would be great benefit from being able to > specify an RFC3484 rule which would in essence say: > > "do not use privacy addresses when communicating inside the > site [a set of designated destination prefixes], use it by > default otherwise" > > I don't think this is possible today because rfc3484 policy > table only allows matching by prefixes, not by address type.
I agree with you that this would be useful. > > Has this come up in discussions / has anyone else thought about this? Not exactly this point, but the ability to add specific prefixes into the policy table dynamically has been discussed several times before (e.g. in ULA scenarios) and will hopefully be solved soon. On a side note, if you control the application you could use the IPV6_PREFER_SRC_PUBLIC flag defined in RFC5014 to effect such behavior. Thanks Suresh -------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------