Re: 6MAN WG Last Call:

Thu, 22 Aug 2013 04:40:29 -0700 



----- Original Message -----
> From: Mikael Abrahamsson <[email protected]>
> To: Erik Kline <[email protected]>
> Cc: 6man WG <[email protected]>
> Sent: Wednesday, 21 August 2013 3:35 PM
> Subject: Re: 6MAN WG Last Call: <draft-ietf-6man-stable-privacy-addresses-12>
> 
> On Tue, 20 Aug 2013, Erik Kline wrote:
> 
>>  To support this scheme as I understand it, the Linux kernel ipv6 code 
>>  would need to take some module parameters at boot or load time, so as to 
>>  force it to not do link-layer-derived link-local autoconfig but instead 
>>  load up the required parameters from non-volatile storage.  Is my 
>>  understanding correct?  If so, has anyone written this and gotten 
>>  feedback from net maintainers?
> 
> Actually this would be good if it was fixed because the way it was done 
> caused other problems. It's really hard to make a linux (debian 6.0 for 
> instance) come up and *not* do RS and then create EUI64 based addresses.
> 
> I have this in sysctl.conf:
> 
> net.ipv6.conf.default.accept_ra=0
> net.ipv6.conf.eth0.accept_ra=0
> net.ipv6.conf.eth1.accept_ra=0
> net.ipv6.conf.eth2.accept_ra=0
> net.ipv6.conf.eth3.accept_ra=0
> net.ipv6.conf.eth4.accept_ra=0
> 

RAs are necessary to indicate prefix on-link or off-link status, as per 
RFC5942. If you want to stop hosts using PIO announced prefixes to generate 
SLAAC addresses, you'd switch off the A bit in the PIO option.

> At least in debian 6.0 this didn't kick in until too late in the boot 
> process, the kernel had already brought up the interfaces and done RS and 
> created addresses and routing. It didn't listen to RAs after that, the 
> manual static config kicked in, and I had to use "ip -6 address 
> delete" to 
> get rid of the EUI64 based addresses and privacy addresses.
> 
> Actually I upgraded to debian 7.0 the other week and I don't remember 
> having to delete the EUI64 based addresses, so this might have been fixed, 
> or I just forgot to check and they timed out after a while when the kernel 
> ignored RAs after the above config kicked in.
> 
> -- 
> Mikael Abrahamsson    email: [email protected]
> --------------------------------------------------------------------
> IETF IPv6 working group mailing list
> [email protected]
> Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
> --------------------------------------------------------------------
> 
--------------------------------------------------------------------
IETF IPv6 working group mailing list
[email protected]
Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6
--------------------------------------------------------------------






















					Reply via email to