lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <Yc8iWYHLS5XQ9TLd@lunn.ch>
Date:   Fri, 31 Dec 2021 16:31:37 +0100
From:   Andrew Lunn <andrew@...n.ch>
To:     Alexandre Belloni <alexandre.belloni@...tlin.com>
Cc:     Colin Foster <colin.foster@...advantage.com>,
        netdev@...r.kernel.org, Vladimir Oltean <olteanv@...il.com>,
        Horatiu Vultur <horatiu.vultur@...rochip.com>
Subject: Re: packets trickling out of STP-blocked ports

> > > sysctl -w net.ipv6.conf.swp3.autoconf=0
> > 
> > That sounds very promising! Sorry you had to fix my system config, but
> > glad that this all makes perfect sense. 
> > 

Hi Alexandre

> 
> Let me know if this works ;) The bottom line being that you should
> probably disable ipv6 autoconf on individual interfaces and then enable
> it on the bridge.

Does this also stop the interface getting a link local IPv6 address
based on its MAC address?

e.g. my wifi interface has MAC address b8:ae:ed:78:ef:9d and gets an
IPv6 address

inet6 fe80::baae:edff:fe78:ef9d/64 scope link 

It will also perform duplicate address detection, DAD, when the
interface is brought up. That is probably hard to see with tcpdump on
the host, since it happens very quickly, but a link peer should see
the packets.

    Andrew

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ