On Tue, Apr 29, 2014 at 10:52:06AM -0300, Giancarlo Razzolini wrote:
| Em 29-04-2014 04:51, Stuart Henderson escreveu:
| > Too soon I think. Wait a little longer and more major ISPs will turn
| > IPv4 into the second class citizen as they fumble with their cgnat
| > deployments then this will make a lot more sense. Now that akamai have
| > their /10 taking ARIN into the final /8 run-out position that RIPE and
| > APNIC have been in for some time, this will accelerate.
|
| I disable ipv6 across all my linux desktops installations because some
| daemons aren't smart enough to not try it first. Postfix is one that
| comes from the top of my mind. Also, I believe firefox will default to
| ipv6 then ipv4 if you have it enabled. Too soon I think. I'm hoping for
| ipv6 get more traction soon, so we could end using nat on our pf rules.
Disabling IPv6 should not be necessary: it shouldn't be enabled by
default, even link-local addresses.
Why oh why can I bring up an interface and have attackers probe me
over IPv6 on a default OpenBSD install while they cannot do so over
IPv4? Why is IPv6 more enabled than IPv4? IPv4 takes configuration
before it will work, IPv6 works without it. I believe that's a
problem that should be fixed before changing other defaults.
If I want IPv6 (static / RS / DHCPv6 / whatever), I should configure
my machine with it .. just like with IPv4 (static / DHCP / whatever).
Fuck this bullshit. Please note that this is the protocol where many
a developer will complain about how it's more complex than IPv4.
Paul 'WEiRD' de Weerd
PS: I tend to want IPv6 everywhere - I'm just opposing this STUPID
default in OpenBSD.
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
