On 10/08/2019 14:00, James Knott wrote:
With IPv6, there are something called privacy addresses. These are based on a random number and you get a new one every day, with old ones falling off after a week. You should also have one permanent address, which can be based on the MAC address or a random number. This is the address you'd use when trying to connect to that computer. The privacy addresses are used for outgoing connections. There will also be a link local address, which starts with fe80. The link local address is typically used for things like router advertisements, default gateway and more, but generally you don't used them for connecting to a computer.
A /64 means you're on a LAN, with the first 64 bits corresponding to the network prefix and the other 64 bits identifying the device on the LAN. A /128 is used identify a device and is used when connecting, but you can't connect directly to it. Traffic is actually routed to it, from another address. This is common on routers. If you have a point to point connection, you would have a /127 address.
<snip>
With IPv6, you'd normally have a consistent network prefix. This means you'd use the permanent address as your target, to configure DNS for etc. You would not use the privacy addresses for this.
<snip>
That is not the intended purpose of a link local address as you also have to provide the interface ID to use it.
<snip>
If it's on the LAN, it does not go through the router. This is exactly the same as with IPv4. When a device has a packet to send, it compares it's own address, the destination address and the prefix or subnet mask, to determine if the destination is on the local LAN. If it is, it uses neighbor solicitation on IPv6 or ARP on IPv4, to obtain the MAC address to send the packet to. If it determines the destination is elsewhere, it sends the packet to the router, using the routers's MAC address.
Thanks for the details. I'm a bit overloaded with too many things to deal with at once before I return abroad on Tuesday and set about trying to configure the remote machine. Sometime over the next couple of weeks I'll likely come back to demand more questions. In the meantime, this thread elsewhere seems to have uncorked a proverbial can of worms the size of a small city, and I have to switch off or I'll drown. Cheers, gumb -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org