Date:        Fri, 16 Sep 2016 23:37:40 +0100
    From:        Roy Marples <>
    Message-ID:  <>

  | > The IN_IFF_TENTATIVE handling just breaks lots of old code.
  | You can disable it by setting the appropriate sysctl to zero.
  | $ sysctl -a | grep dad
  | net.inet.ip.dad_count = 3
  | net.inet6.ip6.dad_count = 1

That isn't disabling the IFF_TENTATIVE handling, it is dosabling DAD, which
is a different thing entirely.

As I understand it, the reason for the change in 1.261 was to prevent sending
from invalid addresses (which is a good thing) - but tentative addresses are
not invalid, they just have not been proved valid yet, which is a different
thing entirely.   99.9% (or more) of all tentative addresses are valid, and
will remain valid, and there's no good reason not to send from them (what's
more, it is require that we do so in the case that the same address is being
claimed by 2 nodes at the same time - both are performing DAD together, in
order for DAD to work properly - the ARP/ND requests must be answered.)

I think I would drop the assumption that tentative addresses are invalid,
and just allow sending from them.   But if that isn't done, then UDP should
be treated the same as TCP, and packets just "lost" rather than returning
a transmit error.


Reply via email to