Re: Fedora IPv6 testing and improvements - request for ideas

On 4 November 2015 at 02:20, Toby Goodwin wrote: > As well as Fedora itself, we need to get the infrastructure IPv6 ready. > My company has developed an IPv6 health checker. Given a domain, it > tests its nameservers, webservers, and mailservers for IPv6 readiness. > > Currently

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Zdenek Kabelac" <zkabe...@redhat.com> > To: "Development discussions related to Fedora" > <devel@lists.fedoraproject.org> > Sent: Wednesday, November 4, 2015 1:43:12 PM > Subject: Re: Fedora IPv6 testing and impr

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Toby Goodwin" <t...@paccrat.org> > To: devel@lists.fedoraproject.org > Sent: Wednesday, November 4, 2015 10:20:00 AM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > As well as Fedora itself, we n

Re: Fedora IPv6 testing and improvements - request for ideas

On 3.11.2015 18:50, Moez Roy wrote: > Hi Pavel Simerda, > > The IPv6 updates are breaking stuff (and probably increasing the > attack surface): > > Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1 > in /etc/sysctl.conf > https://bugzilla.redhat.com/show_bug.cgi?id=1231946 >

Re: Fedora IPv6 testing and improvements - request for ideas

Dne 4.11.2015 v 13:24 Petr Spacek napsal(a): On 3.11.2015 18:50, Moez Roy wrote: Hi Pavel Simerda, The IPv6 updates are breaking stuff (and probably increasing the attack surface): Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1 in /etc/sysctl.conf

Re: Fedora IPv6 testing and improvements - request for ideas

On 04.11.2015 15:22, Pavel Simerda wrote: > - Original Message - > > From: "Zdenek Kabelac" <zkabe...@redhat.com> > > To: "Development discussions related to Fedora" > > <devel@lists.fedoraproject.org> > > Sent: Wednesday, Novem

Re: Fedora IPv6 testing and improvements - request for ideas

On 04 Nov 2015 09:20:00 - Toby Goodwin wrote: > As well as Fedora itself, we need to get the infrastructure IPv6 > ready. My company has developed an IPv6 health checker. Given a > domain, it tests its nameservers, webservers, and mailservers for > IPv6 readiness. > >

Re: Fedora IPv6 testing and improvements - request for ideas

As well as Fedora itself, we need to get the infrastructure IPv6 ready. My company has developed an IPv6 health checker. Given a domain, it tests its nameservers, webservers, and mailservers for IPv6 readiness. Currently fedoraproject.org scores 4 out of 9, so there's some room for improvement!

Re: SELinux & disabled IPv6 (was: Re: Fedora IPv6 testing and improvements - request for ideas)

On Tue, Nov 3, 2015 at 9:06 PM, Scott Schmit wrote: > On Tue, Nov 03, 2015 at 09:50:53AM -0800, Moez Roy wrote: >> The IPv6 updates are breaking stuff (and probably increasing the >> attack surface): >> >> Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Chris Adams" <li...@cmadams.net> > To: devel@lists.fedoraproject.org > Sent: Thursday, October 29, 2015 9:30:12 PM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > Once upon a time, Zach Vi

Re: Fedora IPv6 testing and improvements - request for ideas

So one thing I would suggest is testing ipv6 only environments. At Facebook we are running into and fixing a whole host of problems with NetworkManager, Anaconda, Dracut, etc. because they don't handle ipv6 only very well. It seems that having ipv4 enabled allows things to work well enough that

Re: Fedora IPv6 testing and improvements - request for ideas

Hi Pavel Simerda, The IPv6 updates are breaking stuff (and probably increasing the attack surface): Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1 in /etc/sysctl.conf https://bugzilla.redhat.com/show_bug.cgi?id=1231946 Bug 1251762 - dnssec-triggerd ignores

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Scott Schmit" <i.g...@comcast.net> > To: devel@lists.fedoraproject.org > Sent: Friday, October 30, 2015 2:10:41 AM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > On Thu, Oct 29, 2015 at 11:15:10AM

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Michael Cronenworth" <m...@cchtml.com> > To: devel@lists.fedoraproject.org > Sent: Friday, October 30, 2015 10:37:59 PM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > On 10/29/2015 10:15 AM,

Re: Fedora IPv6 testing and improvements - request for ideas

>> In the above page: >> * Network configuration: I see NetworkManager in there but nothing >> about systemd-networkd > > I used browser search in that page and 'systemd' (which is the name > of the source package that provides systemd-networkd) is listed. I wasn't sure whether it meant systemd

Re: Fedora IPv6 testing and improvements - request for ideas

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/29/2015 10:15 AM, Pavel Simerda wrote: > I am writing to Fedora development mailing lists to get opinions > and ideas regarding our project on improving IPv6 support in > Fedora across its components. I'd be more than happy to work with some

Re: Fedora IPv6 testing and improvements - request for ideas

> <pwout...@redhat.com>, "Tore Anderson" <t...@fud.no> > Sent: Tuesday, November 3, 2015 6:56:42 PM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > So one thing I would suggest is testing ipv6 only environments. At > Facebook we are run

Re: Fedora IPv6 testing and improvements - request for ideas

lt;t...@fud.no>, "Tomas Hozza" <tho...@redhat.com>, "Paul > Wouters" <pwout...@redhat.com> > Sent: Tuesday, November 3, 2015 6:50:53 PM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > Hi Pavel Simerda, > > The IPv

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Peter Robinson" <pbrobin...@gmail.com> > To: "Development discussions related to Fedora" > <devel@lists.fedoraproject.org> > Sent: Tuesday, November 3, 2015 6:27:32 PM > Subject: Re: Fedora IP

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Major Hayden" <ma...@mhtx.net> > To: devel@lists.fedoraproject.org > Sent: Tuesday, November 3, 2015 8:24:46 PM > Subject: Re: Fedora IPv6 testing and improvements - request for ideas > > -BEGIN PGP SIGNED MESSAGE- &g

Re: Fedora IPv6 testing and improvements - request for ideas

On Tue, Nov 03, 2015 at 01:12:09PM -0500, Pavel Simerda wrote: > You can of course have combinations. We can add that once we have > specific test cases that would show importance of a standalone category > for such a setup. Otherwise one would usually view IPv6 global and IPv6 > local

SELinux & disabled IPv6 (was: Re: Fedora IPv6 testing and improvements - request for ideas)

On Tue, Nov 03, 2015 at 09:50:53AM -0800, Moez Roy wrote: > The IPv6 updates are breaking stuff (and probably increasing the > attack surface): > > Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1 > in /etc/sysctl.conf > https://bugzilla.redhat.com/show_bug.cgi?id=1231946 >

Re: Fedora IPv6 testing and improvements - request for ideas

On Thu Oct 29 15:15:10 UTC 2015, Pavel Simerda wrote: > I am writing to Fedora development mailing lists to get opinions > and ideas regarding our project on improving IPv6 support in > Fedora across its components. > > https://fedoraproject.org/wiki/QA/Networking > > Most prominent subpages: > >

Re: Fedora IPv6 testing and improvements - request for ideas

- Original Message - > From: "Peter Robinson" > > https://fedoraproject.org/wiki/QA/Networking Hi, thanks for your feedback. > In the above page: > * Network configuration: I see NetworkManager in there but nothing > about systemd-networkd I used browser search

Re: Fedora IPv6 testing and improvements - request for ideas

Once upon a time, Dan Williams said: > You can set this on a per-connection basis with NM. It just defaults to > "unset", which then defaults to "on". You can also set a global default > through /etc/NetworkManager/NetworkManager.conf so that all new > connections on your

Re: Fedora IPv6 testing and improvements - request for ideas

On 10/29/2015 10:15 AM, Pavel Simerda wrote: *https://fedoraproject.org/wiki/QA/Networking/Test_environment Don't forget about 6to4[1]... everyone should have access to this unless your ISP blocks the routes. It doesn't require an account or 3rd party host that the tunnels require.

Re: Fedora IPv6 testing and improvements - request for ideas

On Thu, 2015-10-29 at 15:30 -0500, Chris Adams wrote: > Once upon a time, Zach Villers said: > > If it helps, Sixxs (https://www.sixxs.net/main/) is a very highly > > recommended tunnel broker. I have not tried it and am not affiliated. I do > > have ipv6 capability from my

Fedora IPv6 testing and improvements - request for ideas

Hi all, I am writing to Fedora development mailing lists to get opinions and ideas regarding our project on improving IPv6 support in Fedora across its components. https://fedoraproject.org/wiki/QA/Networking Most prominent subpages: *

Re: Fedora IPv6 testing and improvements - request for ideas

On Thu, Oct 29, 2015 at 3:15 PM, Pavel Simerda wrote: > Hi all, > > I am writing to Fedora development mailing lists to get opinions > and ideas regarding our project on improving IPv6 support in > Fedora across its components. > > https://fedoraproject.org/wiki/QA/Networking

Re: Fedora IPv6 testing and improvements - request for ideas

If it helps, Sixxs (https://www.sixxs.net/main/) is a very highly recommended tunnel broker. I have not tried it and am not affiliated. I do have ipv6 capability from my isp, so could help with testing. On Thu, Oct 29, 2015 at 3:35 PM, Peter Robinson wrote: > On Thu, Oct

Re: Fedora IPv6 testing and improvements - request for ideas

Once upon a time, Zach Villers said: > If it helps, Sixxs (https://www.sixxs.net/main/) is a very highly > recommended tunnel broker. I have not tried it and am not affiliated. I do > have ipv6 capability from my isp, so could help with testing. There's also Hurricane

Re: Fedora IPv6 testing and improvements - request for ideas

On Thu, Oct 29, 2015 at 11:15:10AM -0400, Pavel Simerda wrote: > I am writing to Fedora development mailing lists to get opinions > and ideas regarding our project on improving IPv6 support in > Fedora across its components. > > https://fedoraproject.org/wiki/QA/Networking > > Most prominent