Date: Sat, 14 Mar 2020 04:51:43 +0900 (JST)
Message-Id: <20200314.045143.1650553685773092770.hrs@FreeBSD.org>
To: jbe-mlist@magnetkern.de
Cc: freebsd-net@freebsd.org
Subject: Re: ifconfig prefer_source and IPv6 privacy extensions
From: Hiroki Sato
In-Reply-To: <20200313202833.cbbe8d1679ac0fd7a80788e1@magnetkern.de>
References: <20200313202833.cbbe8d1679ac0fd7a80788e1@magnetkern.de>

Jan Behrens wrote
  in <20200313202833.cbbe8d1679ac0fd7a80788e1@magnetkern.de>:

jb> Dear all,
jb>
jb> I'm using FreeBSD 12.1 with an ISP that supports IPv6. I have IPv6
jb> privacy extensions enabled (ipv6_privacy="YES" in /etc/rc.conf which
jb> sets net.inet6.ip6.prefer_tempaddr=1).
jb>
jb> Given my router and ISP (who supports IPv6), my machine's FreeBSD
jb> system assigns me 5 addresses through IPv6 autoconfiguration:
jb>
jb> link-local: fe80::%
jb> ULA: fd:
jb> ULA privacy: fd:
jb> Public: 2003::
jb> Public privacy: 2003::
jb>
jb> When I set up a static IPv6 address in the ULA range, such as
jb> (fd::2) and enable the "prefer_source" option (see man
jb> ifconfig), the "prefer_source" option is ignored. It seems that
jb> net.inet6.ip6.prefer_tempaddr=1 takes precedence.
jb>
jb> Calling sysctl net.inet6.ip6.prefer_tempaddr=0 fixes my problem but
jb> disables privacy extensions altogether (which I would like to keep
jb> enabled).
jb>
jb> Is it intended that "net.inet6.ip6.prefer_tempaddr" takes precedence
jb> over "prefer_source"? If yes, why?

 Yes, and the reason is that RFC 6724 specifies that behavior.  Why do
 you want to use fd::2 over fd: as the default source address?  If
 prefer_source takes precedence, the tempaddr will never be used.

-- Hiroki
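
Added example (not part of the original message and not FreeBSD's code): a simplified Python model of the ordering discussed in this thread, using RFC 6724 Rule 3 (avoid deprecated), Rule 7 (prefer temporary) and Rule 8 (longest matching prefix). Where the prefer_source flag sits relative to Rule 8 is an assumption, the other RFC 6724 rules are omitted, and every address is constructed.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Candidate:
    addr: str
    temporary: bool = False      # RFC 4941 privacy address
    deprecated: bool = False     # preferred lifetime expired
    prefer_source: bool = False  # ifconfig "prefer_source" flag

def common_prefix_len(a, b):
    """Number of leading bits two IPv6 addresses share (used by Rule 8)."""
    diff = int(ipaddress.IPv6Address(a)) ^ int(ipaddress.IPv6Address(b))
    return 128 - diff.bit_length()

def select_source(cands, dst, prefer_tempaddr, flag_before_rule7=False):
    """Pick a source address for dst; earlier rules dominate later ones."""
    def rule3(c): return not c.deprecated                # avoid deprecated
    def rule7(c): return c.temporary == prefer_tempaddr  # sysctl reverses Rule 7
    def flag(c): return c.prefer_source                  # assumed tie-breaker
    def rule8(c): return common_prefix_len(c.addr, dst)  # longest match
    if flag_before_rule7:   # hypothetical order, to show the reply's argument
        order = [rule3, flag, rule7, rule8]
    else:                   # order the thread describes: Rule 7 decides first
        order = [rule3, rule7, flag, rule8]
    return max(cands, key=lambda c: tuple(r(c) for r in order)).addr

# Constructed ULA addresses sharing one /64 (not the poster's addresses).
STATIC = "fd12:3456:789a:1::2"
STABLE = "fd12:3456:789a:1:a1b2:c3ff:fed4:e5f6"
TEMP = "fd12:3456:789a:1:59c1:77e2:d4b:9a10"
DST = "fd12:3456:789a:1::53"
CANDS = [
    Candidate(STATIC, prefer_source=True),
    Candidate(STABLE),
    Candidate(TEMP, temporary=True),
]

if __name__ == "__main__":
    # prefer_tempaddr=1: the temporary address wins despite prefer_source.
    print(select_source(CANDS, DST, prefer_tempaddr=True))
    # prefer_tempaddr=0: Rule 7 favours non-temporary, the flag breaks the tie.
    print(select_source(CANDS, DST, prefer_tempaddr=False))
    # Flag evaluated first: the temporary address is never selected.
    print(select_source(CANDS, DST, True, flag_before_rule7=True))
```

In this model a deprecated temporary address is eliminated by Rule 3 before Rule 7 is considered, so the prefer_source address is chosen in that case.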