Date: Tue, 13 Jun 2017 19:51:04 -0700 From: Rui Paulo <rpaulo@me.com> To: Tijl Coosemans <tijl@FreeBSD.org>, "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net> Cc: freebsd-net@FreeBSD.org Subject: Re: Enable IPv6 Privacy Extensions by default Message-ID: <1497408664.2220.3.camel@me.com> In-Reply-To: <20170612131912.42537b13@kalimero.tijl.coosemans.org> References: <20170611215904.4612ee41@kalimero.tijl.coosemans.org> <D05BDD5A-F7ED-4DFE-8835-DE444A12C771@lists.zabbadoz.net> <20170612131912.42537b13@kalimero.tijl.coosemans.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 2017-06-12 at 13:19 +0200, Tijl Coosemans wrote: > On Sun, 11 Jun 2017 22:13:14 +0000 "Bjoern A. Zeeb" <bzeeb-lists@list > s.zabbadoz.net> wrote: > > On 11 Jun 2017, at 19:59, Tijl Coosemans wrote: > > > I recently got a new modem/router from my ISP that supports > > > IPv6. Added > > > ifconfig_em0_ipv6="inet6 accept_rtadv" and rtsold_enable="YES" to > > > /etc/rc.conf like the handbook says and now all my FreeBSD > > > systems have > > > an IPv6 address. \o/ > > > > > > I also added these lines to /etc/sysctl.conf to enable temporary > > > addresses: > > > > > > net.inet6.ip6.use_tempaddr=1 > > > net.inet6.ip6.prefer_tempaddr=1 > > > > > > Shouldn't these be enabled by default? There was a proposal 9 > > > years ago > > > that didn't get any objections but it seems it wasn't committed: > > > https://lists.freebsd.org/pipermail/freebsd-net/2008-June/018381. > > > html > > > > > > If there are no objections, I'll make the change in a week or > > > so. > > > > Object :) > > > > Check the rc.conf ipv6_privacy option rather than setting the > > sysctl > > manually. > > Ah, thanks. I see that RFC 4941 also recommends it be disabled by > default. RFC 4941 was written in a time where MAC address privacy was not a concern, but now we know better. I don't see any reason why we shouldn't have privacy addresses enabled by default. In fact, back in 2008 no one voiced their concerns. -- Rui Paulo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1497408664.2220.3.camel>