On 14 May 2014 18:14, Alexander Bluhm <alexander.bl...@gmx.net> wrote: > On Wed, May 14, 2014 at 11:29:20PM +0200, Henning Brauer wrote: >> so as discussed recently having the inet6 link-local addrs on every >> interface by default is stupid and a security risk. > > Connecting a computer to the internet is a security risk. > IPv4 is on by default, and so IPv6 should be on by default. > I want both to be handled the same way.
And that, to me, is what this does, sans the +inet6 bit on which I agree with Mark. i.e. 'ifconfig <if> up' does not magically make IPv6 work while not making IPv4 work. > >> the only use case that needs config adoption: people ONLY using >> link-local, they will need to put +inet6 in the corresponding >> hostname.if file. I don't think this is needed. The eui64 thing seemed more obvious to me. Hmm. '-eui64' to remove it once it was added? > > There is a use case for running IPv6 over an interface without > setting an address. Configure a global IPv6 address on lo0, run > ospf6d on any physical interface and it will provide connection. > IPv6 autoconfiguration with link-local addresses is useful. So instead of everyone putting -inet6 in their hostname.if files, possibly even having to create hostname.if files to prevent interfaces from magically being portals into your system, now the people who know they want/need IPv6 have to put 'eui64' lines in the interfaces they want to be addressable. Again, this seems more consistant with IPv4 usage than today's setup. So I vote ok. .... Ken > >> ok? > > No > > bluhm >