On 26 Jun 2009, at 09:00, Hiroki Sato wrote:
> Hi all,
> I want to convert net.inet6.ip6.{accept_rtadv,auto_linklocal} to
> per-interface flags to nuke rc.d/auto_linklocal. The motivations and
> changes are as follows. If you are using IPv6 and/or familiar with
> the IPv6 implementation, please let me know your comments.
> The ip6.autolinklocal had been enabled but disabled since 6.2R by
> default because automatic configuration of L3 address is insecure.
> However, it makes IPv6 configuration complex because of no link-local
> address on an interface. Malformed address configuration can
> happen easily on a system with $ipv6_enable="NO", for example. In
> addition, the rc.conf knob does not mean the IPv6 functionality is
> completely disabled. Using an interface for IPv4-only is difficult.
> So, I want to add the following changes:
> 1. Use per-interface ND6 flag "ifdisabled" as a flag for if it is
> IPv6-enabled or not. Set it by default.
This looks okay, but "ifdisabled" seems to mean "disable the
interface" instead of the actual meaning: "disable ipv6 neighbor
discovery / disable ipv6 link local". Bikeshed apart, what about:
# ifconfig fxp0 -nd6 (to disable ND6)
# ifconfig fxp0 nd6 (to enable it)
And ifconfig fxp0 will show "nd6" or "-nd6" depending on whether the
bit is on or off, respectively.
"accept_rtadvd" could follow the same principles.
What do you think?
--
Rui Paulo