No control over which source address is used. I'm assigning a lot of clients DHCP reservations so I can use static addresses for monitoring and firewall rules. With multiple addresses on the same network, clients may use their SLAAC address which won't match the firewall rule.
That still doesn’t really make sense. Why not run SLAAC on one subnet and have a single firewall rule for the whole thing? You’re not running any major servers on an Android phone, so it won’t be anything complex.
No control over which source address is used. I'm assigning a lot of clients DHCP reservations so I can use static addresses for monitoring and firewall rules. With multiple addresses on the same network, clients may use their SLAAC address which won't match the firewall rule.
That still doesn’t really make sense. Why not run SLAAC on one subnet and have a single firewall rule for the whole thing? You’re not running any major servers on an Android phone, so it won’t be anything complex.
SLAAC can only run on a subnet that's larger than /64, which they might not have access to.
3 replies →
There are APIs in Linux to control source address selection but might be fiddly https://www.davidc.net/networking/ipv6-source-address-select...
Ah, this makes sense.