From nobody Wed Apr 9 10:51:26 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZXfrm2rQDz5stYg; Wed, 09 Apr 2025 10:51:36 +0000 (UTC) (envelope-from SRS0=NHG6=W3=klop.ws=ronald-lists@realworks.nl) Received: from smtp-relay-int-backup.realworks.nl (smtp-relay-int-backup.realworks.nl [87.255.56.188]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZXfrm0k6xz3GQp; Wed, 09 Apr 2025 10:51:36 +0000 (UTC) (envelope-from SRS0=NHG6=W3=klop.ws=ronald-lists@realworks.nl) Authentication-Results: mx1.freebsd.org; none Received: from smtp-relay-int-backup.realworks.nl (crmlive3.colo2.realworks.nl [10.2.52.23]) by mailrelayint2.colo2.realworks.nl (Postfix) with ESMTP id 4ZXfrb2cDRz1M6; Wed, 9 Apr 2025 12:51:27 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=klop.ws; s=rw2; t=1744195887; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=h1UpUvlmWYJBK5VTD+Djh7eUoMlc/cieTmia4j9K1N0=; b=UhdBjXRxO5DC5p5mT7uwHoAVBLzH+SlKzhNbRXnzllEekMkCmcd4ydCDbTSb89QZveQNuQ LvQ61ribQPsbmFo7NgwiVDaaLfsJccGzLmaXdXF1K3CJn9v7tfgl/0C3nZ29X0v7qfrz2i nz7adFiqttoGIXe6+4OC0JuZI1cX4FFRLkmImE6opSCbfIvsBsLvjTp2dmanzR7JG2k9zv 9BHZn62oGcoijNCgYolU8iAAROinWrDBThhIGcSRLVKudYMUw8bgs6bRetyCaO6UhtPfKT SXUbn/Ml0PeXeIvc+031A/3qArBwUqUr6lCQ+NTz3rlQE46XLMoEMnWJsUMhcw== Received: from crmlive3.colo2.realworks.nl (localhost [127.0.0.1]) by crmlive3.colo2.realworks.nl (Postfix) with ESMTP id 453E52A0716; Wed, 9 Apr 2025 12:51:26 +0200 (CEST) Date: Wed, 9 Apr 2025 12:51:26 +0200 (CEST) From: Ronald Klop To: Guido Falsi Cc: Marek Zarychta , FreeBSD Current , net@FreeBSD.org Message-ID: <1699210246.52160.1744195886991@localhost> In-Reply-To: <1b9603d8-7128-4809-9926-048426db122e@FreeBSD.org> References: <45b17684-75ef-4953-b59a-3c3b483ba21b@FreeBSD.org> <61dfdcac-4893-4c4b-b7e2-48164f1f0c80@plan-b.pwste.edu.pl> <1b9603d8-7128-4809-9926-048426db122e@FreeBSD.org> Subject: Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)] List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_52159_965958018.1744195886988" X-Mailer: Realworks (744.6) X-Originating-Host: from (89-20-164-210.static.ef-service.nl [89.20.164.210]) by crmlive3 [10.2.52.23] with HTTP; Wed, 09 Apr 2025 12:51:26 +0200 Importance: Normal X-Priority: 3 (Normal) X-Originating-User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:38930, ipnet:87.255.32.0/19, country:NL] X-Rspamd-Queue-Id: 4ZXfrm0k6xz3GQp X-Spamd-Bar: ---- ------=_Part_52159_965958018.1744195886988 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi, Next to hostuuid you could add a jailname in the mix. That is what ether_gen_addr(9) does to make it easier to prevent collisions while copying jails around or run a jail on a readonly shared base filesystem. Regards, Ronald. Van: Guido Falsi Datum: woensdag, 9 april 2025 12:17 Aan: Marek Zarychta , FreeBSD Current , net@FreeBSD.org Onderwerp: Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)] > > On 4/6/25 23:38, Marek Zarychta wrote: > > W dniu 6.04.2025 o 16:49, Guido Falsi pisze: > >> Hi! > >> > >> I have recently implemented and tested the patch at [1], which >> implements RFC 7217, about generating IPv6 addresses that are constant >> through reboots, but do not expose the MAC address of the machine, not >> being in any way derived by those. > >> > >> I'd like to get comments, testing and review for this patch, with the >> objective of getting approval to commit it to head once it is >> streamlined enough. > >> > >> BTW I'd like to thank cognet for his suggestions and help with the >> patch, in particular his help in finding the correct way to implement >> the dad_failures counter. > >> > >> > >> And thanks in advance to anyone willing to give feedback! > >> > >> > >> [1] https://reviews.freebsd.org/D49681 > >> > > This is great news for the community ! > > > > I've already started testing it on both a desktop and a laptop - which > is probably even more valuable, especially since the laptop will be > connecting to various networks. If I encounter any issues, I will post > comments in the review. > > I posted an updated patch, addressing feedback and containing some more improvements. > > If testing this new patch, the flag needs to be activated per interface with ifconfig(8) now, or via tunable in loader.conf. > > Should generate the same addresses it was generating before, with the only exception of the (relatively improbable) case that the previous patch was generating a reserved IPv6 address, which is now checked for and another one generated in such a case. > > -- > Guido Falsi > > > > ------=_Part_52159_965958018.1744195886988 Content-Type: text/html; charset=us-ascii Content-Transfer-Encoding: 7bit Hi,

Next to hostuuid you could add a jailname in the mix.

That is what ether_gen_addr(9) does to make it easier to prevent collisions while copying jails around or run a jail on a readonly shared base filesystem.

Regards,
Ronald.

 

Van: Guido Falsi <madpilot@FreeBSD.org>
Datum: woensdag, 9 april 2025 12:17
Aan: Marek Zarychta <zarychtam@plan-b.pwste.edu.pl>, FreeBSD Current <freebsd-current@freebsd.org>, net@FreeBSD.org
Onderwerp: Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)]

On 4/6/25 23:38, Marek Zarychta wrote:
> W dniu 6.04.2025 o 16:49, Guido Falsi pisze:
>> Hi!
>>
>> I have recently implemented and tested the patch at [1], which >> implements RFC 7217, about generating IPv6 addresses that are constant >> through reboots, but do not expose the MAC address of the machine, not >> being in any way derived by those.
>>
>> I'd like to get comments, testing and review for this patch, with the >> objective of getting approval to commit it to head once it is >> streamlined enough.
>>
>> BTW I'd like to thank cognet for his suggestions and help with the >> patch, in particular his help in finding the correct way to implement >> the dad_failures counter.
>>
>>
>> And thanks in advance to anyone willing to give feedback!
>>
>>
>> [1] https://reviews.freebsd.org/D49681
>>
> This is great news for the community !
>
> I've already started testing it on both a desktop and a laptop - which > is probably even more valuable, especially since the laptop will be > connecting to various networks. If I encounter any issues, I will post > comments in the review.

I posted an updated patch, addressing feedback and containing some more improvements.

If testing this new patch, the flag needs to be activated per interface with ifconfig(8) now, or via tunable in loader.conf.

Should generate the same addresses it was generating before, with the only exception of the (relatively improbable) case that the previous patch was generating a reserved IPv6 address, which is now checked for and another one generated in such a case.

-- 
Guido Falsi <madpilot@FreeBSD.org>
 

  ------=_Part_52159_965958018.1744195886988--