From owner-freebsd-net@FreeBSD.ORG Wed Aug 27 08:20:39 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
(No client certificate requested)
by hub.freebsd.org (Postfix) with ESMTPS id A5B63A9E
for <freebsd-net@freebsd.org>; Wed, 27 Aug 2014 08:20:39 +0000 (UTC)
Received: from bravo.jonathanprice.org (bravo.jonathanprice.org
[5.135.154.174]) by mx1.freebsd.org (Postfix) with ESMTP id 6777B3284
for <freebsd-net@freebsd.org>; Wed, 27 Aug 2014 08:20:39 +0000 (UTC)
Received: by bravo.jonathanprice.org (Postfix, from userid 58)
id 5AABB1E67; Wed, 27 Aug 2014 08:20:38 +0000 (UTC)
Received: from mail.jonathanprice.org (bravo.jonathanprice.org [5.135.154.174])
by bravo.jonathanprice.org (Postfix) with ESMTPSA id 06B4E1E61;
Wed, 27 Aug 2014 08:20:36 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=jonathanprice.org;
s=default; t=1409127636;
bh=CB3ibd/JjWTZZn2Oep9dTqc5tJ42yxRWsC7PCL2/7WI=;
h=Date:From:Subject:To:Cc:In-Reply-To:References;
b=N0PuWsJUOlt20Wbq+PZS7nY7A9lUICJhGLKDTS4zPye4DxnD1Mp5t/RoIvkiWXtbl
4J7Cr3tiiHpc24BnUbqyYDjiebTQVYJvi8O6D1ylF3K8dqtbOAEEja8Y7MBjZJdXfD
pufXL1q6OK+6astrzr9/88S/NCZ8fs8pi+2E8WTY=
Mime-Version: 1.0
Date: Wed, 27 Aug 2014 08:20:35 +0000
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: Quoted-Printable
Message-ID: <2c1d74944371a4be730ff1b666489467@mail.jonathanprice.org>
X-Mailer: RainLoop/1.6.8.153
From: freebsd@jonathanprice.org
Subject: Re: Should I be using ipv6_activate_all_interfaces or
ip6addrctl_policy="ipv6_prefer"
To: "Kevin Oberman" <rkoberman@gmail.com>
In-Reply-To: <CAN6yY1uxft_3cTkWV8NTnOai-928DnS3uW-XyD3BwcCvjBKeQw@mail.gmail.com>
References: <CAN6yY1uxft_3cTkWV8NTnOai-928DnS3uW-XyD3BwcCvjBKeQw@mail.gmail.com>
<88a42e1006e3fac7508a9419e342f1b2@mail.jonathanprice.org>
<2173103.SJdXL7NPLT@overcee.wemm.org>
<53FD7B34.1050408@jonathanprice.org>
Cc: freebsd-net@freebsd.org
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Aug 2014 08:20:39 -0000
> While doubting Peter's networking answers is usually foolish, I think t=
his=0A> one is at least a bit misleading. As he says,=0A> ipv6_activate_a=
ll_interfaces=3D"YES" will set all interfaces on the system to=0A> -ifdis=
able which, since it is an IPv6 option, will enable IPv6 on all=0A> inter=
faces. NO will disable IPv6 on all interfaces.=0A> =0A> But it is related=
to ipaddrctl_policy as it will set ipaddrctl_policy to=0A> "ipv6_prefer"=
if no explicit setting overrides it.=0A> =0A> So IPv6 is working, and "s=
sh -6" does use IPv6. I'd still like to see the=0A> output of ip6addrctl.=
It should look like:=0A> ::1/128 50 0=0A> ::/0 40 1=0A> ::ffff:0:0/96 35=
4=0A> 2002::/16 30 2=0A> 2001::/32 5 5=0A> fc00::/7 3 13=0A> ::/96 1 3=
=0A> fec0::/10 1 11=0A> 3ffe::/16 1 12=0A> =0A> For more explanation, loo=
k at /etc/rc.d/ip6addrctl and /etc/network.subr.=0A> =0A> The list of pre=
fixes set by it should match what I list above. If=0A> 'ipv6_activate_all=
_interfaces=3D"NO"', or ipaddrctl_policy=3D"ipv4_prefer",=0A> you should =
get:=0A> ::1/128 50 0=0A> ::/0 40 1=0A> ::ffff:0:0/96 100 4=0A> 2002::/16=
30 2=0A> 2001::/32 5 5=0A> fc00::/7 3 13=0A> ::/96 1 3=0A> fec0::/10 1 1=
1=0A> 3ffe::/16 1 12=0A> =0A> Any other output indicates manual setting o=
f the policy. the "magic" is the=0A> precedence of ::ffff:0:0/96 which is=
an odd way of saying IPv4.=0A> I generally recommend ipv6_activate_all.=
=0A> =0A> Now I fear Peter will explain how I have misread the code.=0A=
=0APlease excuse me if I'm wrong, but I think ipv6_activate_all_interface=
s=3D"NO" only=0Aifdisable's interfaces which don't explicitly have an ifc=
onfig_IF_ipv6 line. Partly=0Abecause it's set to NO by default, and partl=
y because of the following extract from=0A/etc/defaults/rc.conf:=0A=0A"If=
NO, interfaces which have no corresponding $ifconfig_IF_ipv6 is marked a=
s IFDISABLED for security reason."=0A=0AThis being the case, what exactly=
does the ifdisable stop the interface doing if it=0Adoesn't have an addr=
ess anyway?=0A=0AYes, I'd also noticed /etc/rc.d/ip6addrctl, that's actua=
lly what got me curious about=0Athis in the first place, as I could essen=
tially achieve my desired effect with both =0Aipv6_activate_all_interface=
s=3D"YES" and ip6addrctl_policy=3D"ipv6_prefer".=0A=0ASure, below is the =
output of ip6addrctl from a server without either tunable (meaning,=0Abot=
h were removed from rc.conf completely):=0A=0APrefix =
Prec Label Use=0A::1/128 50 0 =
0=0A::/0 40 1 90=0A::ffff:0.0.=
0.0/96 100 4 0=0A2002::/16 =
30 2 0=0A2001::/32 5 5 =
0=0Afc00::/7 3 13 0=0A::/96 =
1 3 0=0Afec0::/10 =
1 11 0=0A3ffe::/16 1 12 0=
=0A=0ABelow is the output of ip6addrctl after rebooting with just "ipv6_a=
ctivate_all_interfaces=3DYES"=0A=0APrefix Prec L=
abel Use=0A::1/128 50 0 0=0A::/=
0 40 1 68=0A::ffff:0.0.0.0/96 =
35 4 0=0A2002::/16 30 =
2 0=0A2001::/32 5 5 0=0Afc00::=
/7 3 13 0=0A::/96 =
1 3 0=0Afec0::/10 1 11 =
0=0A3ffe::/16 1 12 0=0A=0AAnd fi=
nally, below is the output of ip6addrctl after rebooting with just ip6add=
rctl_policy=3D"ipv6_prefer"=0A=0APrefix Prec Lab=
el Use=0A::1/128 50 0 0=0A::/0 =
40 1 72=0A::ffff:0.0.0.0/96 =
35 4 0=0A2002::/16 30 2 =
0=0A2001::/32 5 5 0=0Afc00::/7=
3 13 0=0A::/96 =
1 3 0=0Afec0::/10 1 11 =
0=0A3ffe::/16 1 12 0=0A=0ASo that =
does prove that, at least for the purposes of ip6addrctl, the two tunable=
s are performing=0Athe same function.