[asterisk-scf-dev] PJSIP TCP transport

[Marc Blanchet]

Le 10-11-29 15:29, Kevin P. Fleming a écrit :
>
> I have very little practical experience, but I haven't yet seen a usage
> for link-locals that made a lot of sense.

well, we are getting out of the asterisk-scf discussion, but since you ask:
- link-locals are good for protocol interaction on the link: local 
scope, automated.
- it also provides a link-scope address at boot time to talk to others 
on the link (routers, ...) without any external mechanism.
- the link scope has good security properties: since routers do not 
forward link-scoped addresses, then crafting a special packet to be 
addressed to a link-local address from remote (outside the local link) 
is pretty difficult if not impossible( well, never say impossible, but...)

- usually, for the purpose above (provide an address early at boot 
time/interface up), the link-local uses the mac address embedded in the 
/64 host part. Operationally, people want to avoid using them since if 
you need to replace your faulty ethernet card in your router/server, 
then the link-local (or any address which embeds the MAC address) will 
change. So if you put this info statically in some config file, then it 
needs to be updated... not fun...

Marc.

> Site-locals can be easily
> attached to your interfaces and don't have the multiple-interface
> problem,
> and aren't globally routable so they are just as 'safe'.
>

-- 
=========
IPv6 book: Migrating to IPv6, Wiley. http://www.ipv6book.ca
Stun/Turn server for VoIP NAT-FW traversal: http://numb.viagenie.ca
DTN Implementation: http://postellation.viagenie.ca
NAT64-DNS64 Opensource: http://ecdysis.viagenie.ca