Date: Mon, 8 Jan 2001 10:16:51 -0500 From: Leo Bicknell <bicknell@ufp.org> To: David Malone <dwmalone@maths.tcd.ie> Cc: Leo Bicknell <bicknell@ufp.org>, freebsd-bugs@FreeBSD.org Subject: Re: conf/24130: rc.network6 assumes single ipv6 interface is always the first interface Message-ID: <20010108101651.A13728@ussenterprise.ufp.org> In-Reply-To: <20010108133406.A58411@walton.maths.tcd.ie>; from David Malone on Mon, Jan 08, 2001 at 01:34:06PM %2B0000 References: <200101072330.f07NU2U27541@freefall.freebsd.org> <20010108133406.A58411@walton.maths.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 08, 2001 at 01:34:06PM +0000, David Malone wrote: > I think the link local addresses are created automatically if the > interface is marked as up. I think it is intentional, but I don't > know. Maybe one of the KAME guys could explain. > > Do you think I should close this PR? I believe the right thing to do is close this PR, and open some others. Let me see if you agree. I see the following as bugs: 1) fxp0 always gets a link local address. If you configure any other interface to do IPv6 autoconfig (eg, accept router solicitations) fxp0 will accept them as well, and if it happens to be a v6 network you now have two autoconfigured interfaces, which is bad. Put simply, there should be _NO_ IPv6 on an interface unless you say "auto" or explicity list it, just like IPv4. 2) The only way to configure multiple IPv6 aliases on an interface is to use the IPv4 variables (ifconfig_fxp0, ifconfig_fxp0_alias0, ifconfig_fxp0_alias1, etc). For instance, what I want to have happen is this: ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::210 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::211 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::212 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::213 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::214 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::215 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::216 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::217 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::218 prefixlen 128 alias ifconfig fxp1 inet6 2001:0438:1FFF:FFFB::219 prefixlen 128 alias There should be some way to specify this in the IPv6 config, preferably just as the lower 64 bits, with it using router discovery to find the upper 64 bits. 3) The acceptance of router solicitations is a global variable, and should be per-interface. The reason is if you are connected to multiple IPv4 networks, and a single IPv6 network, you may want to autoconfigure the IPv6 network. If you do this, and accept router solicitations, a misconfiguration/malicious user on the IPv4 segments could send an Ipv6 router advertisement and grealy confuse the IPv6 stack. Again, if an interface doesn't run IPv6, it shouldn't accept IPv6 packets. (Note, this may go away if point 1 is fixed, that is they are being processed today because there is a link local address.) -- Leo Bicknell - bicknell@ufp.org Systems Engineer - Internetworking Engineer - CCIE 3440 Read TMBG List - tmbg-list-request@tmbg.org, www.tmbg.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010108101651.A13728>