[Dnsmasq-discuss] Fwd: Re: dnsmasq: bogus-priv for IPV6

Mon, 10 Sep 2012 09:00:40 -0700

OK, I forwarded my question to an individual who I believe knows much more about IPV6 than I do and he agrees the dnsmasq should optionally not forward "private" ipv6 packets.
Now, I believe that a "bogus-priv6" would be useful but this is only at some border between an internal network and an external network. Otherwise, anything goes so that the internal network can use this IPv6 addresses that should not be forwarded to the Internet. 


While the suggested "quick fixes" are good, this should be in the 
dnsmasq code itself so that individuals creating an instantiation of 
dnsmasq does not the extensive technical details.


Gene


-------- Original Message --------
Subject:        Re: dnsmasq: bogus-priv for IPV6
Date:   Mon, 10 Sep 2012 11:43:56 +0100
From:   Daniel P. Berrange <berra...@redhat.com>
Reply-To:       Daniel P. Berrange <berra...@redhat.com>
To:     Gene Czarcinski <g...@czarc.net>



On Sat, Sep 08, 2012 at 08:54:00AM -0400, Gene Czarcinski wrote:

Daniel ... I am forwarding this message to you because I saw that
you have done some work with qemu/kvm/libvirt and IPV6 ... actually
getting something working as described in your article.

As you may have noticed, I have some interest in dnsmasq incorrectly
(or at least undesirably) forward queries.  One thought that
occurred to me concerned IPV6 ... should there be a "bogus-priv"
option for IPv6.  The solution may be even simpler.  Comments?


I think you're right that dnsmasq should be able to stop
forwarding queries for the unique local IPv6 addrs. Whether
it is a new 'bogus-priv6' option or uses the hack-around
describe in the thread below, isn't a huge deal. I suspect
a 'bogus-priv6' option would be nicer though, since it makes
it more obvious to users.

Daniel
--
|: http://berrange.com      -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o- http://virt-manager.org :|
|: http://autobuild.org       -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o- http://live.gnome.org/gtk-vnc :|






_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss














    











					Reply via email to