>> "Everybody does it" is an argumentum ad populum. It's not right >> because all systems do this. All systems do this because some RFC >> told them to and apparently nobody considered the downsides (or they >> dismissed them). >> >> I'm arguing it should be different since it is unexpected behavior >> (keep in mind that you say 'none' to the "IPv6 address for em0? (or >> 'rtsol' or 'none')" question in the installer - a link-local address >> is not "none"), it goes against the OpenBSD philosophy and it exposes >> an extra attack surface. > > Just to remind everybody here. The last time we had to bump the remote > hole counter in OpenBSD was because of IPv6. Because of that I'm all for > not having IPv6 link local addresses set by default. > > It will also save us from some troubles with unnumbered interfaces (e.g. > as part of a bridge(4)) that get an IPv6 address by default unless -inet6 > is used.
Amen! I am just a user and follow this tread with much interest. I have to say I wasn't used to OpenBSD lie to me from 2.6 when I started to use it. When I say None to a question I expect None, not a partial None. I have no say in the subject, but if I may, please make the question reflect the truth when asked and KILL IT! As a side effect of this, I got used to do this in pf.conf in every install. block in quick inet6 all Thanks for always considering better setup and default every time. Daniel