Link-local and global IPs on IPv6 interfaces

Question

I\'m currently trying to understand how IPv6 adresses work. There are link-local and site-local adresses used for small and organisational networks respectively. But if one of t

Answer 1

Every interface has a link-local address and optionally one or more public or site-local addresses. Looks like this:

$ ip -o -6 addr show dev eth0
eth0    inet6 2001:abcd:ef::1/64 scope global (..)
eth0    inet6 fe80::1234:5678:2/64 scope link (...)

When sending something, everything sent to a link-local address (i.e. fe80::/64) is sent from the link-local address, everything else from the global one.

(The choice is not always possible: e.g. if answering to a ping, the source IP of the answer will be the destination IP of the request, no matter which address.)

Answer 2

In general, interfaces have one link-local scope unicast address and zero or more global scope unicast addresses. (They may be also members of some finite number of multicast groups.) Addresses may be assigned manually or by DHCPv6 as in IPv4, but they may also sometimes (not always) be automatically generated when the router advertisements permit it. Some host implementations will automatically generate a persistent global address for each prefix the router advertises and an ancillary privacy address to go along with it, c.f. RFC 4191. Where DHCPv6 is used to assign addresses, hosts might request one or more temporary addresses to use instead of privacy addresses.

Don't use site-local addresses. They're deprecated by RFC 3879, mainly because the sin6_scope_id field isn't well-defined for site-local addresses. Applications that see them in the list returned from getifaddrs() should probably discard them with a diagnostic message to the standard error stream. Applications should expect that network administrators will use Unique Local Addresses (ULA) instead of site-local addresses, c.f. RFC 4941.

The reachability of ULA addresses is not generally decidable by application software. The only thing you know for certain about them is that they aren't reachable by any path that passes through the global public default-free zone. They may be reachable from anywhere on the Internet where the routes to the ULA prefix are exchanged in bilateral agreements between autonomous systems. On the other hand, they will often be advertised by IPv6 home gateways for subscriber local use only, and won't be reachable anywhere outside the home, c.f. I-D.ietf-v6ops-ipv6-cpe-router.