On Thu, May 15, 2014 at 12:14:37AM +0200, Alexander Bluhm wrote: > On Wed, May 14, 2014 at 11:29:20PM +0200, Henning Brauer wrote: > > so as discussed recently having the inet6 link-local addrs on every > > interface by default is stupid and a security risk. > > Connecting a computer to the internet is a security risk. > IPv4 is on by default, and so IPv6 should be on by default.
No it's not 'on by default'. > I want both to be handled the same way. Then by your logic, we should assign an IPv4 link local address as well, from the 169.254.0.0/16 range. > > the only use case that needs config adoption: people ONLY using > > link-local, they will need to put +inet6 in the corresponding > > hostname.if file. > > There is a use case for running IPv6 over an interface without > setting an address. Yes, there is. > Configure a global IPv6 address on lo0, run > ospf6d on any physical interface and it will provide connection. But that is not a good use case. Read the RFCs. > IPv6 autoconfiguration with link-local addresses is useful. It can be useful, but whether it should be the default or not is another matter. Autoconfiguration in general is dangerous and unnecessary. We have it as an option. Those who want to use it have a choice. Why don't the two OpenBSD users who actually use IPv6 just use link local addresses between themselves :-))) -- Creamy! <3
