Now that 2.6.x series is in a swing, being able to control, from the
userspace, when to send RA's and when to shut them off would be very
beneficial (2.4 too :).
In particular, consider a distribution which wants to allow disabling
autoconfig on one interface. When it's possible to do so, it's
already too late..
---------- Forwarded message ----------
Date: Mon, 27 Oct 2003 15:05:42 +0200 (EET)
From: Pekka Savola <pekkas@xxxxxxxxxx>
To: "YOSHIFUJI Hideaki / [iso-2022-jp] 吉藤英明"
<yoshfuji@xxxxxxxxxxxxxx>
Cc: netdev@xxxxxxxxxxx, sekiya@xxxxxxxxxx
Subject: Re: Disabling IPv6 accept_ra on just some interface
On Mon, 27 Oct 2003, YOSHIFUJI Hideaki / [iso-2022-jp] 吉藤英明 wrote:
> In article <Pine.LNX.4.44.0310231457110.3347-100000@xxxxxxxxxx> (at Thu, 23
> Oct 2003 15:22:47 +0300 (EEST)), Pekka Savola <pekkas@xxxxxxxxxx> says:
> > So, my thought (comments welcome) is:
> >
> > 1) when accept_ra changes from 0 -> 1, initiate the route
> > solicitation process, likewise as one would when the interface is
> > brought up.
> >
> > Makes sense?
> >
> > 2) (probably not a good idea, but some food for thought..) when accept_ra
> > changes from 1 -> 0, delete any autoconfigured routes or
> > prefixes. (could be ugly / dangerous..)
>
> Well, we'd propose to have another config "send_rs" or something like that
> because accept_ra is also effective against unsolicited RAs.
> It, "send_rs," tells kernel to start sending RS
> when the variable is changed 0 to 1 and/or
> when interface is going up.
I don't have any major objections to this model, I'm just worried that it
might make the configuration more complex (we already have accept_ra and
"autoconf" toggles which are confusing enough without documentation :-)
with little gain.
That is, is there any case when you'd want to accept an RA but *not* send
RS? I fail to see clear applicability for this, hence my proposal to
overload accept_ra :-)
> Assume the node has eth0 and eth1.
> Operation will be something like the following.
>
> If you want to listen RA and to send RS on some interfaces,
> sysctl -w net.ipv6.conf.default.accept_ra=0
> sysctl -w net.ipv6.conf.default.send_rs=0
> ifup -a
> sysctl -w net.ipv6.conf.eth0.accept_ra=1
> sysctl -w net.ipv6.conf.eth0.send_rs=1
>
> If you want to listen RA on all interfaces, but do not want to send RS on
> some of them,
> sysctl -w net.ipv6.conf.default.accept_ra=1
> sysctl -w net.ipv6.conf.default.send_rs=0
> ifup -a
> sysctl -w net.ipv6.conf.eth0.send_rs=1
>
>
--
Pekka Savola "You each name yourselves king, yet the
Netcore Oy kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings
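
An added example, not part of the original thread: a shell audit of the per-interface accept_ra and autoconf toggles discussed above, flagging interfaces that still accept RAs because "default" was changed only after they came up. The helper names ra_audit and make_sample_tree are hypothetical, and the sample tree is constructed so the script runs offline.

```shell
#!/bin/sh
# Added example; ra_audit and make_sample_tree are hypothetical helper names.

# Build a constructed sysctl-like tree: <dir>/<iface>/{accept_ra,autoconf}.
# It models "default" set to 0 only after eth0 and eth1 already came up with 1.
make_sample_tree() {
    for spec in default:0:1 eth0:1:1 eth1:1:1 lo:0:0; do
        name=${spec%%:*}; rest=${spec#*:}
        mkdir -p "$1/$name"
        echo "${rest%%:*}" > "$1/$name/accept_ra"
        echo "${rest#*:}" > "$1/$name/autoconf"
    done
}

# ra_audit ROOT [ALLOWED_IFACE...]
# Prints "<iface> accept_ra=<v> autoconf=<v> <OK|UNEXPECTED>" per interface.
# Returns 1 if an interface outside the allowlist has accept_ra != 0.
ra_audit() {
    _root=$1; shift
    _allowed=" $* "
    _rc=0
    for _dir in "$_root"/*/; do
        [ -r "${_dir}accept_ra" ] || continue
        _if=$(basename "$_dir")
        # "all" and "default" are configuration entries, not real interfaces.
        case $_if in all|default) continue ;; esac
        _ra=$(cat "${_dir}accept_ra")
        _ac=$(cat "${_dir}autoconf" 2>/dev/null || echo '?')
        _verdict=OK
        if [ "$_ra" != 0 ]; then
            case $_allowed in
                *" $_if "*) ;;
                *) _verdict=UNEXPECTED; _rc=1 ;;
            esac
        fi
        printf '%s accept_ra=%s autoconf=%s %s\n' "$_if" "$_ra" "$_ac" "$_verdict"
    done
    return $_rc
}

# Demo on the constructed tree; on a live host pass /proc/sys/net/ipv6/conf.
if [ "${1:-}" = "--demo" ]; then
    _tmp=$(mktemp -d)
    make_sample_tree "$_tmp"
    ra_audit "$_tmp" eth0 || echo "accept_ra enabled outside the allowlist"
    rm -rf "$_tmp"
fi
```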