Hello, I'm tryng to influence the IPv6 Source Address and Destination Address selection, using the prefix policy table. This post describes the problems with the SA selection, in a following post I will describe the DA selection problems. My windows 7 PC receives via Router Adv three global addresses: 2a01:201c:1000:1:x:y:z:t/64 2001:470:b534:1:x:y:z:t/64 2001:1418:20b:1:x:y:z:t/64 I'm tryng to influence the SA choice when connecting to ipv6-test.com (2001:41d0:1:d87c::7e57:1) RFC 3484 for SA selection states that: Rule 1: Prefer same address. Rule 2: Prefer appropriate scope. Rule 3: Avoid deprecated addresses. Rule 4: Prefer home addresses. Rule 5: Prefer outgoing interface. Rule 6: Prefer matching label. Rule 7: Prefer public addresses. Rule 8: Use longest matching prefix. The selected SA when connecting to ipv6-test.com was 2001:470:b534:1:x:y:z:t, as it reflects roule 8 (longest prefix in common between SA and DA) As Roules 1 to Roule 5 are not involved (SA and DA are different, scope is the same, no address is deprecated, no Care-of-address, only one output interface), I expected that introducing a clouse in the prefix policy table I should have been able to change the selected SA. I have changed the policies in this way: C:\Windows\system32>netsh interface ipv6 show prefixpolicies Query sullo stato attivo in corso... Precedenza Etichetta Prefisso ---------- ----- -------------------------------- 60 1 2a01:20c1::/32 50 0 ::1/128 40 1 ::/0 30 2 2002::/16 20 3 ::/96 10 4 ::ffff:0:0/96 5 5 2001::/32 Now the first row matches the SA beginning with 2a01, and the third row matches the destination address (default) both the rows has Label = 1, than I expected that SA= 2a01:201c:1000:1:x:y:z:t should have been selected. But testing the connectivity again SA=2001:470:b534:1:x:y:z:t is always selected. I have tryed in many ways, working with preference, different labels, different prefix lengths, but have not been able to modify the SA selection in any way. The only way is make the router not announcing the 2001:470:: prefix.

Hello, the problem with DA selection is solved. I was not understanding way, if no candidate DA had a Label matching any SA, IPv4 was preferred to IPv6. I have found that the reason for that is this row in the prefix policy table: 10 4 ::ffff:0:0/96 This row represents IPv4 0.0.0.0/0 in IPv6 compatible format, and says that all IPv4 addresses (i.e. also SA and DA) have the same Label (Label=4), then they are preferred vs. two IPv6 addresses with different labels (roule 5 in rfc 3484).

Also I have solved also the SA issue, sorry. ---------- ----- -------------------------------- 60 1 2a01:20c1::/32 50 0 ::1/128 40 1 ::/0 30 2 2002::/16 20 3 ::/96 10 4 ::ffff:0:0/96 5 5 2001::/32 In the above Policy table, all the SAs match the default in third row (::/0), so the first row with Label 1 does not add any change in the Label comparison. To change the SA I need to insert two rows, one for the source and one for the destination, both with a Label different from the default. Thanks anyway,