Re: NOINET6 by default

Wed, 14 May 2014 15:03:27 -0700 

Hi Henning,

Thanks, I really like this.

On Wed, May 14, 2014 at 11:29:20PM +0200, Henning Brauer wrote:
| the only use case that needs config adoption: people ONLY using
| link-local, they will need to put +inet6 in the corresponding
| hostname.if file.

People that set net.inet6.ip6.accept_rtadv=1 but don't actively do
router solicitation will now no longer get an IPv6 address (a real
one, not just link local) after some time (when there are router
advertisements on the network).  This seems blatantly obvious, but
might still warrant an entry in current.html as it's contrary to
previous behavior.  Suggested diff included,

Anyway, I've verified that my system now comes up with ::1 and
fe80::1%lo0 on lo0 but other interfaces (software ones like vether(4)
and real ones like re(4) and iwn(4)) don't get an address after just
bringing the interface up.  Using +inet6 works and gets me a
link-local address (and, when I do this on a network with router
advertisements, I get an address and an autoconfprivacy address after
some time).  And of course, configuring IPv6 works as usual.

| ok?

This makes a whole lot of sense to me.  Please make OpenBSD the first
OS to do (this part of) v6 in a sensible way.

Paul 'WEiRD' de Weerd

Index: current.html
===================================================================
RCS file: /cvs/www/faq/current.html,v
retrieving revision 1.508
diff -u -p -r1.508 current.html
--- current.html        7 May 2014 13:38:43 -0000       1.508
+++ current.html        14 May 2014 22:01:30 -0000
@@ -52,6 +52,7 @@
 <li><a href="#20140421">2014/04/21 - lpd(8): hosts.equiv removed</a>
 <li><a href="#20140422">2014/04/22 - kerberosV removed</a>
 <li><a href="#20140503">2014/05/03 - bcrypt hash advanced to $2b$ mode</a>
+<li><a href="#20140516">2014/05/16 - IPv6 defaults to off when not 
configured</a>
 </ul>
 
 <hr>
@@ -490,6 +491,14 @@ manually or use the kerberos packages wh
 The bcrypt(3) hash has been advanced to the new $2b$ mode.  Newly
 created hashes will follow this form.  Older systems may not
 understand this format.
+
+<a name="20140516"></a>
+<h3>2014/05/16 - IPv6 defaults to off when not configured<</h3>
+
+Interfaces no longer get a link-local address configured by default
+when no other IPv6 configuration is present.  If you want the old
+behaviour restored for sepcific interfaces, add "+inet6" to the
+hostname.if(5) file or on the ifconfig(8) command line.
 
 <hr>
 <br>


| Index: sys/net/if.c
| ===================================================================
| RCS file: /cvs/src/sys/net/if.c,v
| retrieving revision 1.288
| diff -u -p -r1.288 if.c
| --- sys/net/if.c      13 May 2014 14:33:25 -0000      1.288
| +++ sys/net/if.c      14 May 2014 21:03:45 -0000
| @@ -429,6 +429,9 @@ if_attach(struct ifnet *ifp)
|  #else
|       TAILQ_INSERT_TAIL(&ifnet, ifp, if_list);
|  #endif
| +#ifdef INET6
| +     ifp->if_xflags |= IFXF_NOINET6;
| +#endif
|  
|       m_clinitifp(ifp);
|  
| Index: sbin/ifconfig/ifconfig.8
| ===================================================================
| RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
| retrieving revision 1.241
| diff -u -p -r1.241 ifconfig.8
| --- sbin/ifconfig/ifconfig.8  22 Apr 2014 10:11:32 -0000      1.241
| +++ sbin/ifconfig/ifconfig.8  13 May 2014 14:58:58 -0000
| @@ -283,8 +283,12 @@ Disable
|  on the given interface and remove all configured
|  .Xr inet6 4
|  addresses, including the link-local ones.
| -To turn it on again, assign any inet6 address or run
| +To turn it on again, use +inet6, assign any inet6 address or run
|  .Xr rtsol 8 .
| +.It +inet6
| +Enable
| +.Xr inet6 4
| +and assign a link local address if the interface doesn't have one yet.
|  .It Cm instance Ar minst
|  Set the media instance to
|  .Ar minst .
| Index: sbin/ifconfig/ifconfig.c
| ===================================================================
| RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
| retrieving revision 1.283
| diff -u -p -r1.283 ifconfig.c
| --- sbin/ifconfig/ifconfig.c  12 May 2014 08:47:37 -0000      1.283
| +++ sbin/ifconfig/ifconfig.c  13 May 2014 14:56:25 -0000
| @@ -412,6 +412,7 @@ const struct      cmd {
|       { "-flowdst", 1,                0,              unsetpflow_receiver },
|       { "pflowproto", NEXTARG,        0,              setpflowproto },
|       { "-inet6",     IFXF_NOINET6,   0,              setifxflags } ,
| +     { "+inet6",     0,              0,              setia6eui64 },
|       { "keepalive",  NEXTARG2,       0,              NULL, setkeepalive },
|       { "-keepalive", 1,              0,              unsetkeepalive },
|       { "add",        NEXTARG,        0,              bridge_add },
| @@ -1310,7 +1311,9 @@ setia6eui64(const char *cmd, int val)
|       const struct in6_addr *lladdr = NULL;
|       struct in6_addr *in6;
|  
| -     if (afp->af_af != AF_INET6)
| +     if (!strcmp(cmd, "+inet6"))
| +             setifxflags("inet6", -IFXF_NOINET6);
| +     else if (afp->af_af != AF_INET6)
|               errx(1, "%s not allowed for the AF", cmd);
|       in6 = (struct in6_addr *)&in6_addreq.ifra_addr.sin6_addr;
|       if (memcmp(&in6addr_any.s6_addr[8], &in6->s6_addr[8], 8) != 0)
| 
| 
| 
| -- 
| Henning Brauer, [email protected], [email protected]
| BS Web Services GmbH, http://bsws.de, Full-Service ISP
| Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully 
Managed
| Henning Brauer Consulting, http://henningbrauer.com/
| 

-- 
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
                 http://www.weirdnet.nl/

Reply via email to