Hi Daniel,

>What you want there is "slaac hwaddr".

I had reverted that on your advice, with an etckeeper commit
message of “This is now handled by a patched ifupdown.”, prior.

Unreverted this, will see whether it helps in a bit.

>In any case you're likely observing the expected behaviour of
>dhcpcd-base's default configuration:
>
>     $ grep ^slaac /etc/dhcpcd.conf
>     slaac private
>
>I'm of the opinion this is a bad default for Debian and have raised this
>before, however our dhcpd Maintainer disagrees and thus it remains.

This is annoying, but…

>Since the discussion in Sept. 2024 I've learned we can actually override
>this on the ifupdown side (using --slaac=hwaddr in the dhcpcd cmdline).

… if this is possible, then…

>I'm not a fan of introducing that divergence because doing so makes
>user-intent coming from /etc/dhcpcd.conf ineffective as the dhcpcd
>cmdline args take precedence.

… I’d argue that ifupdown should always pass --slaac= to dhcpcd to
always overwrite its config (meaning it’ll only use its config if
not run from ifupdown), to avoid a regression in trixie compared to
older Debian releases and keep ifupdown behaviour, and that the
standard in ifupdown should be hwaddr, as we already have options
for the inet6 stanzas that admins can use to enable “private”.

And, yes, I’ll argue that even for trixie. The current “private”
setting can lock out administrators unexpectedly, and hardening
by enabling the “privacy extensions” (note they are even *named*
“extensions”) should be the same manual step as in previous
releases.

(In fact, I re-noticed the problem by needing to ssh to a laptop
running trixie while it was besat by higher powers🐈‍⬛, in a network
that had just assigned a new/unknown IPv4 to it, and that has no
public IPv6 subnet (a problem for another day), and I wanted to
ssh to the known link-local v6 address except it was not working,
so I was in fact locked out until the higher power🐈‍⬛ decided to
re-seat on another lair.)

Therefore Cc SRM for their opinion.

Regards
//Thorsten
-- 
Thorsten Glaser
Linux / Unix Developer
Tel.: +49 160 91168501
E-Mail: [email protected]

B1 Systems GmbH
Osterfeldstraße 7 / 85088 Vohburg / https://www.b1-systems.de/
Managing Director: Ralph Dehner / Registered office: Vohburg / Register court: Ingolstadt, HRB 3537
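
Added example, not part of the original message and not code from ifupdown or dhcpcd: a check an administrator can run to see whether an IPv6 address still carries the hardware-derived interface identifier, which is what makes a link-local address predictable from the MAC. It assumes "slaac hwaddr" produces the modified EUI-64 identifier of RFC 4291 and that "slaac private" produces an opaque RFC 7217 identifier; the function names, MAC and addresses are constructed for illustration.

```python
import ipaddress


def parse_mac(mac: str) -> bytes:
    """Parse a 48-bit MAC written with ':' or '-' separators."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return octets


def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 interface identifier: flip the U/L bit, insert ff:fe."""
    o = parse_mac(mac)
    return bytes([o[0] ^ 0x02]) + o[1:3] + b"\xff\xfe" + o[3:6]


def eui64_link_local(mac: str) -> ipaddress.IPv6Address:
    """The fe80::/64 address a host forms from its MAC (assumed 'slaac hwaddr')."""
    return ipaddress.IPv6Address(b"\xfe\x80" + bytes(6) + eui64_iid(mac))


def classify(addr: str, mac: str) -> str:
    """Return 'hwaddr' if addr embeds the MAC-derived identifier, else 'opaque'.

    'opaque' covers RFC 7217 stable-private and temporary identifiers, which
    cannot be predicted from the MAC alone.
    """
    bare = addr.split("%")[0].split("/")[0]  # drop zone id and prefix length
    iid = ipaddress.IPv6Address(bare).packed[8:]
    return "hwaddr" if iid == eui64_iid(mac) else "opaque"


if __name__ == "__main__":
    mac = "00:16:3e:12:34:56"  # constructed sample MAC
    print("expected link-local:", eui64_link_local(mac))
    samples = (  # constructed sample addresses
        "fe80::216:3eff:fe12:3456%eth0",
        "fe80::9c3a:71d2:4be0:55a1%eth0",
        "2001:db8:1:2:216:3eff:fe12:3456/64",
    )
    for sample in samples:
        print(f"{sample:40} {classify(sample, mac)}")
```
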
