[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1388834511.7407.5.camel@weing>
Date: Sat, 04 Jan 2014 12:21:51 +0100
From: Thomas Haller <thaller@...hat.com>
To: Hannes Frederic Sowa <hannes@...essinduktion.org>
Cc: Jiri Pirko <jiri@...nulli.us>, netdev@...r.kernel.org,
stephen@...workplumber.org
Subject: Re: [patch iproute2 v2 0/2] add support for IFA_F_MANAGETEMPADDR
Hi,
On Sat, 2014-01-04 at 12:15 +0100, Hannes Frederic Sowa wrote:
> On Sat, Jan 04, 2014 at 12:05:57PM +0100, Jiri Pirko wrote:
> > Sure. NM should set use_tempaddr accordingly. You are right that kernel
> > generate temporary adresses, but only for the prefixes received via
> > neighbor discovery (see addrconf_prefix_rcv). The ones that are set by
> > hand are not handled. That is the reason we introduced IFA_F_MANAGETEMPADDR.
>
> Ah, sorry. So NM sets use_tempaddr == 2 but disables accept_ra? That's fine,
> sorry to bother!
yes, that is the plan. use_tempaddr is to configure the preference for
address selection, and without accept_ra, the kernel will not add
autoconf addresses himself -- only NM adds them with
IFA_F_MANAGETEMPADDR. I think this will work out fine.
>
> > >So currently privacy addresses are correctly installed, but we cannot control
> > >if we want prefer them to global addresses for outgoing connections where the
> > >socket is not bound to a specific address.
> > >
> > >Also, I saw that NetworkManager switched to install autoconf addresses
> > >as /128, doesn't this break with IFA_F_MANAGETEMPADDR, as you expect a /64
> > >prefixlen?
> >
> > /64 is required
>
> Ok, currently NM seems to "violate" that as it installs autoconf addresses
> with 128 prefixlen, so IFA_F_MANAGETEMPADDR should not work on them.
> (currently observed on Fedora 20).
True, I noticed that too. I think that is a bug in NM to add the
addresses as /128. Probably, we will fix that soon.
Thomas
Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)
Powered by blists - more mailing lists