From owner-freebsd-net@FreeBSD.ORG  Fri Apr  4 02:34:01 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 65DBC47C;
 Fri,  4 Apr 2014 02:34:01 +0000 (UTC)
Received: from feynman.konjz.org (feynman.konjz.org [64.147.119.39])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1150FC79;
 Fri,  4 Apr 2014 02:34:00 +0000 (UTC)
Received: from 127.0.0.1 (tor.t-3.net [64.113.32.29]) (authenticated bits=0)
 by feynman.konjz.org (8.14.7/8.14.4) with ESMTP id s342J8bq075512
 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
 Thu, 3 Apr 2014 22:19:23 -0400 (EDT)
 (envelope-from george@ceetonetechnology.com)
Message-ID: <533E1699.5050901@ceetonetechnology.com>
Date: Thu, 03 Apr 2014 22:19:05 -0400
From: George Rosamond <george@ceetonetechnology.com>
MIME-Version: 1.0
To: freebsd-hackers@freebsd.org, freebsd-net@freebsd.org
Subject: net.inet.ip.random_id
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Apr 2014 02:34:01 -0000

Sorry for the cross-post, but assume this is relevant to both lists.

It's regarding the default setting of net.inet.ip.random_id to 0

This disclosure has caused a bit of a stir on the Tor-relays list
starting with this post:

https://lists.torproject.org/pipermail/tor-relays/2014-March/004199.html

FreeBSD is one of the OS's not implementing random IP IDs by default.  I
know OpenBSD has for a long while.

I vaguely remember someone referring to some specific application
compatibility with IP ID randomness in the distant past... Or should it
just default to '1'?

g