lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20090318.123308.29370828.yoshfuji@st-paulia.net>
Date:	Wed, 18 Mar 2009 12:33:08 +0900 (JST)
From:	YOSHIFUJI Hideaki <yoshfuji@...paulia.net>
To:	linux@...la.no
Cc:	netdev@...r.kernel.org, yoshfuji@...ux-ipv6.org
Subject: Re: PROBLEM: IPv6 autoconf/accept_ra default values

Hello.

In article <alpine.LNX.2.00.0903180200590.10453@...da.kolla.no> (at Wed, 18 Mar 2009 02:06:09 +0100 (CET)), Kolbjørn Barmen <linux@...la.no> says:

> > My personal oppinion is that anything ipv6 autoconfig/accept_ra should be
> > default _off_, since this simplifies all the above mentioned issues, and
> > it is incredibly easy to turn on again with systcl if people want it.
> > It is much easier to enable ipv6 automagic than to disable it.
> > At least there should be kernel/module parameter to set default behaviour.
> > 
> > Part of the problem with deploying IPv6 is due to "magic" like this, all
> > the autoconfig/router announcement magic looks very well on paper and in
> > theory, but out in the field it quickly leads to loads of totally
> > unnecessary extra work, work that could easily be avoided if default
> > behaviour was to have it off. It should be in the interest of IPv6
> > advocates to support a "soft" transition from IPv4-only to dual-stack,
> > fencing off unwanted "magic" only adds to the frustration for those who
> > actually try to deploy it.
> > 
> > What do you think?
> 
> Obviously noone really think much of this, one way or the other, so here's a
> patch that changes the default values.

Default should be ON.

But I would agree to have some (relatively easy) way to disable
autoconfiguration.  Well yes, probably kernel module papameter.

Simple interface:
 - disable_ipv6=1
 - autoconf=0

Do anyone need more complex interface?
 - disable_ipv6={all|IF}:0,...
 - autoconf={all|IF}:0,...

--yoshfuji
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ