| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Jun 2010 16:14:37 +0200 From: Julius Volz <juliusv@...gle.com> To: Ferenc Wagner <wferi@...f.hu> Cc: netdev@...r.kernel.org, robert.gallagher@...net.ie Subject: Re: Is CONFIG_IP_VS_IPV6 still/really dangerous? Hi Ferenc, On Fri, Jun 4, 2010 at 3:56 PM, Ferenc Wagner <wferi@...f.hu> wrote: > Hi, > > In commit fab0de02fb0da83b90cec7fce4294747d86d5c6f CONFIG_IP_VS_IPV6 is > described as: > > Add IPv6 support to IPVS. This is incomplete and might be dangerous. > > I agree its implementation is incomplete. But I wonder if it's really > dangerous in the sense that generic distribution kernels shouldn't > enable it, because it can break unrelated (eg. IPv4 IPVS) functionality. > > What does that warning mean today? Isn't it out of date? I wrote the IPv6 support back in the day, but never used it large-scale. Rob Gallagher from HEAnet was doing some bigger experiments with it, but I'm not sure how far it went. CCing him. There are probably some other people out there that have tested it extensively. Maybe try the lvs-users and lvs-devel mailing lists? http://www.linuxvirtualserver.org/mailing.html Julius -- Julius Volz - Site Reliability Engineer Google Switzerland GmbH - Identification No.: CH-020.4.028.116-1 -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists