From owner-freebsd-net@FreeBSD.ORG Fri Aug 29 18:25:55 2014 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id CBB43966; Fri, 29 Aug 2014 18:25:55 +0000 (UTC) Received: from smtp2.wemm.org (smtp2.wemm.org [192.203.228.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp2.wemm.org", Issuer "StartCom Class 1 Primary Intermediate Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A89B312FB; Fri, 29 Aug 2014 18:25:55 +0000 (UTC) Received: from overcee.wemm.org (canning.wemm.org [192.203.228.65]) by smtp2.wemm.org (Postfix) with ESMTP id E3A7FAC; Fri, 29 Aug 2014 11:25:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemm.org; s=m20140428; t=1409336755; bh=p8Hzox2gHn69X953g8+p6wsvBMu5srXzoWXWrUU55qE=; h=From:To:Cc:Subject:Date:In-Reply-To:References; b=aRDYg5k5q2whHByN+sAVj0Fo8DSj2EF/6ruUoEC6e41vHzKY48jJTApF1lXshAi1+ 6ZXY+BTxaNygSytjea3lyLmu2zBZixPm6MQYDqcTBaXmgT1/n64HhRU/VDCl3eBVAV xxpwcxfVnyMB+dBuOUIaOGymeGPdjm4TBK3z+ofc= From: Peter Wemm To: freebsd-net@freebsd.org Subject: Re: Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy="ipv6_prefer" Date: Fri, 29 Aug 2014 11:25:50 -0700 Message-ID: <1826701.PSDCF000lT@overcee.wemm.org> User-Agent: KMail/4.12.5 (FreeBSD/11.0-CURRENT; KDE/4.12.5; amd64; ; ) In-Reply-To: <20140830.004156.1902600650619729089.hrs@allbsd.org> References: <53FD7B34.1050408@jonathanprice.org> <20140829101707.GA83695@zibbi.meraka.csir.co.za> <20140830.004156.1902600650619729089.hrs@allbsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1939730.OEyclXybVc"; micalg="pgp-sha1"; protocol="application/pgp-signature" Cc: bzeeb-lists@lists.zabbadoz.net, Hiroki Sato , freebsd@jonathanprice.org X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Aug 2014 18:25:56 -0000 --nextPart1939730.OEyclXybVc Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="us-ascii" On Saturday 30 August 2014 00:41:56 Hiroki Sato wrote: > John Hay wrote > in <20140829101707.GA83695@zibbi.meraka.csir.co.za>: >=20 > jh> On Wed, Aug 27, 2014 at 11:59:25AM +0000, Bjoern A. Zeeb wrote: > jh> > > jh> > On 27 Aug 2014, at 06:31 , Jonathan Price > jh> > wrote: > jh> > > jh> > > On 2014-08-27 01:40, Peter Wemm wrote: > jh> > >> On Tuesday 26 August 2014 10:40:27 freebsd@jonathanprice.org= wrote: > jh> > >>> Hello, > jh> > >>> > jh> > >>> I am configuring a server with IPv4 and IPv6 addresses and = have > jh> > >>> noticed that > jh> > >>> FreeBSD seems to be preferring IPv4, such as when establish= ing SSH > jh> > >>> connections. > jh> > >>> > jh> > >>> After reading through /etc/defaults/rc.conf, and later > jh> > >>> /etc/rc.d/ip6addrctl > jh> > >>> I have come to the conclusion that I have two ways to tell = FreeBSD > to jh> > >>> prefer IPv6: > jh> > >>> > jh> > >>> 1) Add ipv6_activate_all_interfaces to /etc/rc.conf > jh> > >>> 2) Add ip6addrctl_policy=3D"ipv6_prefer" to /etc/rc.conf > jh> > >>> > jh> ... > jh> > > However, it does sound like for my purposes it would make mor= e sense > jh> > > to use ip6addrctl_policy=3D?ipv6_prefer" as that is more expl= icitly > the jh> > > feature I want, rather than getting it inadvertently thro= ugh > the other jh> > > knob. > jh> > > jh> > Yes. Definitively. I am not sure if it has happened but if IPv= 6 > jh> > config is configured through rc.conf that setting should be(com= e) > jh> > default. > jh> > > jh> > jh> It does not seem so yet (anymore, it was like that many moons ago= ). A > jh> new >=20 > ... >=20 > jh> I think if an IPv6 address is configured on a machine, it should > jh> prefer ipv6 > jh> addresses. That would match what the rest are doing. >=20 > True at this moment. I have a patch to make it set ipv6_prefer when= > at least one ifconfig_IF_ipv6 is configured. >=20 > Is there any objection to commit this? I had hesitated to add this > for a technical reason which was eliminated by adding list_vars(). >=20 > -- Hiroki I understand the hesitation. There has long been a problem of people o= nly=20 half configuring ipv6, or enabling it without having connectivity. Or = people=20 listing AAAA records without being reachable. However, we have run the freebsd.org cluster with prefer_ipv6 for two y= ears=20 now (likewise, I've done the same at home) and no insurmountable issues= have=20 occurred. There are enough people pushing ipv6 and using it on a daily= basis=20 now that the old half-configured problems are fairly quickly noticed. I think we could turn it on by default now, as your patch does. And it= will=20 still be able to be disabled. =2D-=20 Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI= 6FJV UTF-8: for when a ' or ... just won\342\200\231t do\342\200\246 --nextPart1939730.OEyclXybVc Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part. Content-Transfer-Encoding: 7Bit -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAABAgAGBQJUAMWyAAoJEDXWlwnsgJ4E+e8H/i9fDuI6JmjvyCOO2W4FHAe2 /2kspw2POsDHB6azRwogiQIBe63TX+ELEEwn3r8fzV+nqBhY5D7EUyeVBNpqoCaF XP6nMW60mJVEUQAYvge/h3eT8gU6iL+gppgdz+fVA0oTqsyGZ6uTtDOYGpitYPsW 68JxJZ4z56i8BSfMWmEtTeN4014M4yUw8SbMDG8/pGz0CCJepbTYbRgQJ6N4ji1R 43HzuH0gCd0aPRBMRN/xOdBuvJdvAK9ynUpr8UDyCEVsHY1NR08aKwnR5v4ais9L mGnxX2tl9aTGL+JYOVDDhOzcgRKSdSBDwXbIqQF4pYJK2fO9noNAVT2OEcY3o/s= =IUDd -----END PGP SIGNATURE----- --nextPart1939730.OEyclXybVc--