According to the IPv6 guys, the reason the kernel defaults to max_plen=0 is because otherwise it is too trivial to grab packets surreptitiously by advertising a subnet. So you should configure this to 64 or more - but only on interfaces with trusted routers.
Long ago, Nostradamus foresaw that on 02/01/2013 01:28 PM, Stuart Gathman would write: > Long ago, Nostradamus foresaw that on 01/31/2013 01:19 PM, Pavel Simerda > would write: >> ----- Original Message ----- >>> I have a single default router sending RAs, and another router which >>> does *not* advertise a default route, but instead advertises two >>> specific routes. I'm not sure whether NM or the kernel is to blame, >>> but >>> while radvdump shows both RAs arriving, the only route installed is >>> the >>> default route. The specific routes are ignored. >> This is done by kernel. This may actually resolve as two separate >> problems.sysctl -w net.ipv6.conf.eth0.accept_ra_rt_info_max_plen=64 >> >> For now I reported it as: >> >> https://bugzilla.redhat.com/show_bug.cgi?id=906505 >> > I did some playing around on both Fedora 17 and EL6. I find that you > must set net.ipv6.conf.eth0.accept_ra_rt_info_max_plen=64 > For specific routes to be installed. By default, this config is 0. > _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
