Your message dated Sun, 1 Jan 2017 20:55:57 +0100
with message-id <[email protected]>
and subject line Re: Bug#683586: debian-installer: Please include rdnssd in d-i
and base system to fully automatic IPv6 support
has caused the Debian Bug report #683586,
regarding debian-installer: Please include rdnssd in d-i and base system to
fully automatic IPv6 support
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
683586: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683586
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: debian-installer
Severity: normal
Tags: ipv6 d-i
I belive that rdnssd package (IPv6 recursive DNS server discovery daemon)
should be included in d-i as udeb or even used by default,
as well installed by default in base system.
It is used for automatic configuration without DHCP (v6).
This is because indeed kernel does autoconfiguration (SLAC) by reciving
ICMP RA and properly adding addresses to interfaces on IPv6 enabled
networks, with proper routers. But this leavs other informations from RA
packets unprocessed. This include network domain name, ntp server names,
and DNS server addresses.
This is handled by rdnssd package:
Description-en: IPv6 recursive DNS server discovery daemon
rdnssd autoconfigures recursive DNS servers on IPv6 networks
using ICMPv6 Neighbor Discovery (RFC 5006), and can update the
DNS resolvers configuration (/etc/resolv.conf) accordingly.
rdnssd doesn't have any dependencies beside libc6. It recommends
resolvconf for even better IPv6 support but it is optional.
It is fully automatic, essentially doesn't have any configuration
(beside optional script which can be used for merging already existing
resolv.conf when not using resolvconf package/system).
It have just few files, main binary written in C is just 16100 bytes on
i386m abd consumes very small memory and cpu:
sredniczarny:~# ps aux | grep rdnssd
root 2837 0.0 0.0 1960 268 ? Ss lip30 0:00 /sbin/rdnssd
-u rdnssd -H /etc/rdnssd/merge-hook
rdnssd 2838 0.0 0.0 2176 516 ? S lip30 0:00 /sbin/rdnssd
-u rdnssd -H /etc/rdnssd/merge-hook
It also starts extremally quickly:
sredniczarny:~# time /etc/init.d/rdnssd start
[ ok ] Starting IPv6 Recursive DNS Server discovery Daemon: rdnssd.
real0m0.074s
user0m0.000s
sys0m0.004s
So, please include rdnssd by default on all systems.
It would be good idea to adive security team on this matter, because
as a networked deamon it can be prone to remote attacks (both DoS and
remote exploits). It should be pretty safe, considering simplisity of
processing rdnssd is doing, but still some cautions should be taken.
Regards,
Witek
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 3.5.0-t43-prod-dirty (SMP w/1 CPU core)
Locale: LANG=pl_PL.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to pl_PL.UTF-8)
Shell: /bin/sh linked to /bin/dash
--- End Message ---
--- Begin Message ---
Version: 1.0.1-1
On Thu, Aug 02, 2012 at 08:20:26AM +0200, Witold Baryluk wrote:
> Package: debian-installer
> Severity: normal
> Tags: ipv6 d-i
>
> I belive that rdnssd package (IPv6 recursive DNS server discovery daemon)
> should be included in d-i as udeb or even used by default,
> as well installed by default in base system.
>
> It is used for automatic configuration without DHCP (v6).
This has been included in d-i long ago
https://anonscm.debian.org/cgit/d-i/netcfg.git/commit/?id=fac74c749661da41ef4b89b89c9fd76dd42e7bc6
This has been part of Jessie release (at least).
Bernhard
signature.asc
Description: Digital signature
--- End Message ---
