Re: Disabling ip4 and IPV6 on F20RC1





----- Original Message -----
From: "Bjørn Mork" <bjorn mork no>
To: "Pavel Simerda" <psimerda redhat com>
Cc: "Tore Anderson" <tore fud no>, networkmanager-list gnome org
Sent: Tuesday, December 17, 2013 2:00:55 PM
Subject: Re: Disabling ip4 and IPV6 on F20RC1

Pavel Simerda <psimerda redhat com> writes:

there isn't any possibility to disable IPv6 link-local addresses. In
fact it's not properly supported even in the kernel.

echo 1 > /proc/sys/net/ipv6/conf/$DEVICE/disable_ipv6 works for me?

1) First of all it doesn't *specifically* disable kenrel link-local
addresses allocation but performs some magic to disable a couple of
IPv6 features at once. This wouldn't be a problem in the original
poster's case as he wants to disable IPv6 anyway.

That's sort of implied, isn't it?

No.

You cannot remove all IPv6 LL addresses from an interface without disabling IPv6.

Of course you can.

This is a protocol
requirement.  Ref e.g. RFC 4291:

   2.8.  A Node's Required Addresses

   A host is required to recognize the following addresses as
   identifying itself:

      o Its required Link-Local address for each interface..
[etc]

Good. That's properly sourced.

But unfortunately we need to be a little bit careful about the theory written down on paper and the actual 
needs. Linux has the long history of allowing more than just blind following of what's written down. And I'm 
not the only person who repeatedly proved that IPv6 standards are not yet mature and that some of the 
requirements and suggestions don't lead to good network experience.

So it appears to be my view against the details written down in one of the very RFCs and I'm indeed going to 
speak up my concerns with the IETF as well (and the list of those is quite big).

Honestly, those requirements seem to be overly tailored towards automatically configured hosts that I'm not 
sure whether we should even think about enforcing this against the administrator's will, especially when it 
doesn't bring him any value.

2) But setting disable_ipv6 doesn't really work as expected. See [1]
and especially the note about disable_ipv6 below the table.

I read that note, but couldn't figure out what expectations that would
be.

Dan Winship claimed that setting disable_ipv6 to 1 and then back to 0 does change the internal kernel 
configuration even though it should be back at the same state at that time. Let's ask him (Cc) for the 
details. I haven't tested it myself, so I don't think I can provide the necessary information right now.

FWIW, disable_ipv6 works for me as well. That is:  The behaviour
matches my expectations.  Which are

  /proc/sys/net/ipv6/conf/$DEVICE/disable_ipv6 = 1
     => no IPv6 LL address on $DEVICE

  /proc/sys/net/ipv6/conf/$DEVICE/disable_ipv6 = 0
     => IPv6 supported, including an EUI-64 based LL address

  changing IFF_UP does not affect the above in any way

Interesting, let's see what Dan will come up with.

Are you sure this wasn't one of the bugs fixed by commit 73a8bd74e261
("ipv6: Revert 'administrative down' address handling changes.")?

Seems to be pretty old... let's wait for Dan's answer.

Which could be a FreeBSD kernel for all I know :-)

Since when is FreeBSD supported by NetworkManager which has a hard requirement on udev and libnl?

Cheers,

Pavel


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]