allow v6 privacy and static addresses to co-exist again

Sun, 02 Sep 2012 05:08:23 -0700 

Simon's recent commit to prevent SLAAC address formation when
a static address is already configured has a side-effect for
autoconfprivacy users.

With the following in /etc/hostname.if:

  dhcp
  rtsol
  inet6 some-address 64

the netstart script will run rtsol after assigning the static address,
hence preventing privacy addresses from being formed. The only effect
of 'rtsol' in this case is an auto-configured default route.

If a privacy address is manually configured first and a static address
second, the interface initially has both. But the static address prevents
creation of new addresses during RA reception. When the privacy address
becomes deprecated a fresh address is not added, breaking autoconfprivacy.

So using privacy addresses for outgoing connections and static addresses
for incoming connections is no longer possible. Do we want to support
this use case? It used to work ever since privacy addresses were introduced.

The diff below makes static addresses prevent SLAAC addresses in the
no-privacy case but allows static and privacy addresses to co-exist.

Because we create SLAAC addresses alongside privacy addresses, this 
effectively reverts the default behaviour to what it was before
Simon's change. With the hostname.if snippet above we get:

 - auto-configured default route
 - SLAAC address
 - privacy addresses (rotating over time)
 - a static address

Those who prefer traditional inet6 behaviour can use:

  dhcp
  -autoconfprivacy
  rtsol

This results in:

 - auto-configured default route
 - SLAAC address

Or:

  dhcp
  -autoconfprivacy
  rtsol
  inet6 some-address 64

This results in:

 - auto-configured default route
 - a static address

ok?

Index: nd6_rtr.c
===================================================================
RCS file: /cvs/src/sys/netinet6/nd6_rtr.c,v
retrieving revision 1.62
diff -u -p -r1.62 nd6_rtr.c
--- nd6_rtr.c   28 Aug 2012 20:32:02 -0000      1.62
+++ nd6_rtr.c   2 Sep 2012 11:33:44 -0000
@@ -1275,7 +1275,8 @@ prelist_update(struct nd_prefix *new, st
        }
 
        if ((!autoconf || ((ifp->if_xflags & IFXF_INET6_NOPRIVACY) == 0 &&
-           !tempaddr_preferred)) && new->ndpr_vltime != 0 && !statique) {
+           !tempaddr_preferred)) && new->ndpr_vltime != 0 &&
+           !((ifp->if_xflags & IFXF_INET6_NOPRIVACY) && statique)) {
                /*
                 * There is no SLAAC address and/or there is no preferred RFC
                 * 4941 temporary address. And the valid prefix lifetime is

Reply via email to