Penned by Henning Brauer on 20140516 0:26.37, we have: | * Claudio Jeker <cje...@diehard.n-r-g.com> [2014-05-15 09:33]: | > On Wed, May 14, 2014 at 11:29:20PM +0200, Henning Brauer wrote: | > > so as discussed recently having the inet6 link-local addrs on every | > > interface by default is stupid and a security risk. | > > | > > this diff fixes that. well, really two independent parts. | > > one: set the NOINET6 flag by default on each and every interface. | > > two: implement "ifconfig <if> +inet6" to turn inet6 on and assign | > > the link-local addr. | > > | > > this should be transparent for almost all real use cases of inet6 | > > since assigning any inet6 address also resets the flag (and ll is | > > assigned then as well). | > > lo0 still gets it's ::1 and fe80::1%lo0 by default. | > > | > > the only use case that needs config adoption: people ONLY using | > > link-local, they will need to put +inet6 in the corresponding | > > hostname.if file. | > > | > > ok? | > | > To be honest the right fix would be to get rid of IFXF_NOINET6 and | > just make it the default. There is no need for such a flag anymore. | | very valid point, I'll happily clean that up right after - one thing | at a time.
When I travel between networks.. at home with rtsol capable networks .. and at e.g. a library that does not have native IPv6 .. I find it invaluable to 'zzz' then upon resume 'ifconfig wpi0 -inet6' for the library and then 'rtsol wpi0' at home. Just because the new default will be the equivalent of 'ifconfig wpi0 -inet6' until configured doesn't mean there isn't a use for clearing it later on as well. I wish there were an equivalent for IPv4, but at least dhclient clears the old address on 'ifconfig wpi0 down' ... Thanks, -- Todd T. Fries . http://todd.fries.net/pgp.txt . @unix2mars . github:toddfries
