Re: PATCH: More apprrpriate vltime for IPv6 temp addrs (rfc4941bis)

Florian Obser Fri, 27 Mar 2020 08:21:32 -0700

Nice,

as the draft states:
      The default Valid Lifetime for temporary addresses has been
      reduced from 1 week to 2 days, decreasing the typical number of
      concurrent temporary addresses from 7 to 2.


This had been a complained on numerous occasions.

This made me realize that we can go futher and move the ND6_PRIV
constants from a public header to slaacd(8) - the only user.
I'm pretty sure that we made these constants up - they are not used in
the wider eco system according to internet searches.

diff --git sbin/slaacd/engine.c sbin/slaacd/engine.c
index be5d3fc827b..8f2c4297225 100644
--- sbin/slaacd/engine.c
+++ sbin/slaacd/engine.c
@@ -86,6 +86,11 @@
 #define        RTR_SOLICITATION_INTERVAL       4
 #define        MAX_RTR_SOLICITATIONS           3
 
+/* constants for RFC 4941 autoconf privacy extension */
+#define ND6_PRIV_MAX_DESYNC_FACTOR     512     /* largest pow2 < 10 minutes */
+#define ND6_PRIV_VALID_LIFETIME                172800  /* 2 days */
+#define ND6_PRIV_PREFERRED_LIFETIME    86400   /* 1 day */
+
 enum if_state {
        IF_DOWN,
        IF_DELAY,
diff --git sys/netinet6/nd6.h sys/netinet6/nd6.h
index 4449a7ed73c..e16f40d4cd2 100644
--- sys/netinet6/nd6.h
+++ sys/netinet6/nd6.h
@@ -89,11 +89,6 @@ struct       in6_ndifreq {
 
 #define ND6_INFINITE_LIFETIME          0xffffffff
 
-/* constants for RFC 4941 autoconf privacy extension */
-#define ND6_PRIV_MAX_DESYNC_FACTOR     512     /* largest pow2 < 10 minutes */
-#define ND6_PRIV_VALID_LIFETIME                604800  /* 1 week */
-#define ND6_PRIV_PREFERRED_LIFETIME    86400   /* 1 day */
-
 #ifdef _KERNEL
 
 #include <sys/queue.h>


On Fri, Mar 27, 2020 at 08:27:37AM -0300, Fernando Gont wrote:
> Folks,
> 
> This changes the default Valid Lifetime of temporary addresses to 2 days (as
> per draft-ietf-6man-rfc4941bis):
> 
> ---- cut here ----
> diff --git nd6.h nd6.h
> index 4449a7ed73c..de80dc16047 100644
> --- nd6.h
> +++ nd6.h
> @@ -91,7 +91,7 @@ struct      in6_ndifreq {
> 
>  /* constants for RFC 4941 autoconf privacy extension */
>  #define ND6_PRIV_MAX_DESYNC_FACTOR   512     /* largest pow2 < 10 minutes */
> -#define ND6_PRIV_VALID_LIFETIME              604800  /* 1 week */
> +#define ND6_PRIV_VALID_LIFETIME              172800  /* 2 days, as per 
> rfc4941bis */
>  #define ND6_PRIV_PREFERRED_LIFETIME  86400   /* 1 day */
> 
>  #ifdef _KERNEL
> ---- cut here ----
> 
> P.S.: Patch also available at:
> https://www.gont.com.ar/code/patch-fgont-tempaddr-vltime.txt
> 
> Thanks,
> -- 
> Fernando Gont
> e-mail: [email protected] || [email protected]
> PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1
> 
> 
> 

-- 
I'm not entirely sure you are real.

Re: PATCH: More apprrpriate vltime for IPv6 temp addrs (rfc4941bis)

Reply via email to