From nobody Fri May 9 12:47:38 2025 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Zv81418lQz5vdh2 for ; Fri, 09 May 2025 12:47:52 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Received: from plan-b.pwste.edu.pl (plan-b.pwste.edu.pl [IPv6:2001:678:618::40]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "plan-b.pwste.edu.pl", Issuer "GEANT OV RSA CA 4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Zv813424Cz3Grr for ; Fri, 09 May 2025 12:47:51 +0000 (UTC) (envelope-from zarychtam@plan-b.pwste.edu.pl) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=plan-b.pwste.edu.pl header.s=plan-b-mailer header.b=kzqPS+Uq; spf=pass (mx1.freebsd.org: domain of zarychtam@plan-b.pwste.edu.pl designates 2001:678:618::40 as permitted sender) smtp.mailfrom=zarychtam@plan-b.pwste.edu.pl; dmarc=pass (policy=quarantine) header.from=plan-b.pwste.edu.pl Received: from [192.168.7.70] (dom.potoki.eu [62.133.140.50]) (authenticated bits=0) by plan-b.pwste.edu.pl (8.18.1/8.17.2) with ESMTPSA id 549ClcIN079078 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO); Fri, 9 May 2025 14:47:38 +0200 (CEST) (envelope-from zarychtam@plan-b.pwste.edu.pl) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=plan-b.pwste.edu.pl; s=plan-b-mailer; t=1746794859; bh=7aaKnDD3olvtYlBw4OxxiAp0cTWAd3ZEvrpS8yQpnEE=; h=Date:Subject:To:References:From:In-Reply-To; b=kzqPS+UqIeIAi5QuOZm0wWbmqoQ6iZadZOodbZQP/Ta23Et+HJk/vBFUuOEL2RNgz LfMago+HZBGsHNyeep2EouCD3CSIVHsywrksLAxFyvc6M8c3qzk7aayx1KPL4oA5Zy eXX+m5oxsmwwT6d+i6WyqB7qz1ZBT+g4uW2mOmDcgdiFpJO//WfA0ktoKEyfxP/Nsy HCXEmQFwc8dXLnHlR+Y2UzEvV2pDPEd3yUe1Je1vIWge/ONWEv58WZa/3U57Ds1Utn HnB5/YzGA8j7qeNXxmnGeQTlgbiBXIt8LmetlNwh5CHh/zRSJDP2y5qemi4sETVv6o FriPK9aynmX2w== X-Authentication-Warning: plan-b.pwste.edu.pl: Host dom.potoki.eu [62.133.140.50] claimed to be [192.168.7.70] Message-ID: Date: Fri, 9 May 2025 14:47:38 +0200 List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@FreeBSD.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: RFC: Implementation of RFC 7217 [A Method for Generating Semantically Opaque Interface Identifiers, with IPv6 Stateless Address Autoconfiguration (SLAAC)] To: FreeBSD Current , net@FreeBSD.org References: <45b17684-75ef-4953-b59a-3c3b483ba21b@FreeBSD.org> <6227419f-296e-4532-ad16-01e26a8fc4bc@FreeBSD.org> Content-Language: en-US From: Marek Zarychta Autocrypt: addr=zarychtam@plan-b.pwste.edu.pl; keydata= xsBNBFfi3cMBCADLecMTFXad4uDXqv3eRuB4qJJ8G9tzzFezeRnnwxOsPdytW5ES2z1ibSrR IsiImx6+PTqrAmXpTInxAi7yiZGdSiONRI4CCxKY9d1YFiNYT/2WyNXCekm9x29YeIU7x0JB Llbz0f/9HC+styBIu2H+PY/X98Clzm110CS+n/b9l1AtiGxTiVFj7/uavYAKxH6LNWnbkuc5 v8EVNc7NkEcl5h7Z9X5NEtzDxTOiBIFQ/kOT7LAtkYUPo1lqLeOM2DtWSXTXQgXl0zJI4iP1 OAu4qQYm2nXwq4b2AH9peknelvnt1mpfgDCGSKnhc26q6ibTfMwydp+tvUtQIQYpA6b9ABEB AAHNN01hcmVrIFphcnljaHRhIChQbGFuLWIpIDx6YXJ5Y2h0YW1AcGxhbi1iLnB3c3RlLmVk dS5wbD7CwHcEEwEIACEFAlfi4LkCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQHZW8 vIFppoJXdgf8D9X3VRFSNaR9lthSx/+uqas17J3FJKBo1xMQsC2a+44vzNvYJSuPGLLJ+LW2 HPVazjP/BWZJbxOYpliY4zxNRU0YCp0BLIVLibc//yax+mE42FND/+NiIZhqJscl6MLPrSwo sIwXec4XYkldkyqW/xBbBYXoIkBqdKB9j5j42Npy1IV/RizOSdmvTWY27ir8e/yGMR1RLr4F 8P5K3OWTdlGy2H2F/3J8bIPBLG6FpaIyLQw4dHSx8V02PYqDxK1cNo2kAOnU8PnZL/AGuMOH iv3MN1VYL8ehcmpBBsrZGebQJxrjY2/5IaTSgp9xHYT70kshuU6Qb97vk1mOjNZxgc7ATQRX 4t3DAQgA10h6RCXuBLMHxq5B8X/ZIlj9sgLoeyfRdDZEc9rT2KUeUJVHDsbvOFf4/7F1ovWY hJbA6GK/LUZeHHTjnbZcH1uDYQeHly4UOLxeEvhGoz4JhS2C7JzN/uRnwbdOAUbJr8rUj/IY a7gk906rktsc/Ldrxrxh7O6WO0JCh2XO/p4pDfEwwB37g4xHprSab28ECYJ9JMbtA8Sy4M55 g3+GQ28FvSlGnx48OoGXU2BZdc1vZKSQmNOlikB+9/hDX8zdYWVfDaX1TLQ8Ib4+xTUmapza mV/bxIsaZRBw+jFjLQHhTbIMfPEU+4mxFDvTdbKPruKPqVf1ydgMnPZWngowdwARAQABwsBf BBgBCAAJBQJX4t3DAhsMAAoJEB2VvLyBaaaC6qkIAJs9sDPqrqW0bYoRfzY6XjDWQ59p9tJi v8aogxacQNCfAu+WkJ8PNVUtC1dlVcG5NnZ80gXzd1rc8ueIvXlvdanUt/jZd8jbb3gaDbK3 wh1yMCGBl/1fOJTyEGYv1CRojv97KK89KP5+r8x1P1iHcSrunlDNqGxTMydNCwBH23QcOM+m u4spKnJ/s0VRBkw3xoKBZfZza6fTQ4gTpAipjyk7ldOGBV+PvkKATdhK2yLwuWXhKbg/GRlD 1r5P0gxzSqfV4My+KJuc2EDcrqp1y0wOpE1m9iZqCcd0fup5f7HDsYlLWshr7NQl28f6+fQb sylq/j672BHXsdeqf/Ip9V4= In-Reply-To: <6227419f-296e-4532-ad16-01e26a8fc4bc@FreeBSD.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4Zv813424Cz3Grr X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.03 / 15.00]; DWL_DNSWL_MED(-2.00)[pwste.edu.pl:dkim]; NEURAL_SPAM_SHORT(0.95)[0.946]; DMARC_POLICY_ALLOW(-0.50)[plan-b.pwste.edu.pl,quarantine]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; NEURAL_HAM_MEDIUM(-0.39)[-0.395]; RCVD_IN_DNSWL_MED(-0.20)[2001:678:618::40:from]; ONCE_RECEIVED(0.20)[]; R_DKIM_ALLOW(-0.20)[plan-b.pwste.edu.pl:s=plan-b-mailer]; R_SPF_ALLOW(-0.20)[+mx:c]; MIME_GOOD(-0.10)[text/plain]; NEURAL_HAM_LONG(-0.08)[-0.085]; RCPT_COUNT_TWO(0.00)[2]; MIME_TRACE(0.00)[0:+]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; ASN(0.00)[asn:206006, ipnet:2001:678:618::/48, country:PL]; RCVD_COUNT_ONE(0.00)[1]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; DKIM_TRACE(0.00)[plan-b.pwste.edu.pl:+]; MLMMJ_DEST(0.00)[net@FreeBSD.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_DN_SOME(0.00)[]; HAS_XAW(0.00)[] W dniu 7.05.2025 o 08:48, Guido Falsi pisze: > Hello! > > I have polished the patch and it did get further testing. > > I've been asked to get one more approval from someone more > knowledgeable about the IPv6 stack before being able to commit this code. > > It works fine and I'd like to commit it soon so it can get proper > testing and avoid rotting as a patch. > > Since I am not src committer I'll need explicit approval to commit to > the src tree. > > > Thanks in advance! Thank you for working on this implementation. It looks like complete and ready to ship, but I am only FreeBSD user, so I can't support you much. There is probably concern if your contribution breaks something for the user XY running XXX year old code someone will have to fix it. This fear prevents pushing things further. That's the tradeoff. Please let me note that we are still in pair with NetBSD and DFflyBSD - the cherished implementation from WIDE and KAME projects was left almost untouched. There is no need to modify or rewrite this code; it's decent code, a model implementation, and it will not be a trivial task, but maybe adding enhancements, only tested ones, one by one, is the way to go. It seems that some people have already given up on IPv6 in FreeBSD and do not consider FreeBSD to be a popular OS anymore. Let me cite a 2 and 1/2 years old post from RIPE ipv6-wg mailing list:  "After over 10 (yes, *ten*) years, we have finally addressed security/privacy issues in the generation of IPv6 stable addresses in most popular operating systems. (...) Over time, popular operating systems and packages adopted the proposed algorithm: the Linux kernel, NetworkManager, OpenBSD's slaacd, MacOS, etc. Eventually, virtually every popular OS had adopted the scheme.... except Windows (...)"[1]. [1] https://mailman.ripe.net/archives/list/ipv6-wg@ripe.net/thread/IV46DM2TD4XUTMJITSF3T43OUC3V3RND/ Cheers Marek > > > On 4/6/25 16:49, Guido Falsi wrote: >> Hi! >> >> I have recently implemented and tested the patch at [1], which >> implements RFC 7217, about generating IPv6 addresses that are >> constant through reboots, but do not expose the MAC address of the >> machine, not being in any way derived by those. >> >> I'd like to get comments, testing and review for this patch, with the >> objective of getting approval to commit it to head once it is >> streamlined enough. >> >> BTW I'd like to thank cognet for his suggestions and help with the >> patch, in particular his help in finding the correct way to implement >> the dad_failures counter. >> >> >> And thanks in advance to anyone willing to give feedback! >> >> >> [1] https://reviews.freebsd.org/D49681 >> >> >