Forward: HEADS UP! Default value of ip6_v6only changed

[Christian Weisgerber]

Hajimu UMEMOTO <ume at mahoroba.org> wrote:

> Our default of net.inet6.ip6.v6only was off in 4.X, and was changed to
> on on 5.X to follow NetBSD's practice.  This behavior on 5.X breaks
> RFC2553/3493, and the change was intentional from security
> consideration.  But, NetBSD changed it off by default.

OpenBSD's behavior is equivalent to v6only on, and OpenBSD doesn't
even provide a knob.

Note that the default choice has a major impact on 3rd party software
(ports).  If we ship with a default of v6only off, then people will
not fix software to open two sockets.  This in turn means that
turning v6only on will break this software.  I predict that a good
many people will then consider the v6only option to be useless.

I understand that itojun would like to see this aspect of RFC2553
amended.  I don't know what the prospects of this happening are on
the IETF level.

-- 
Christian "naddy" Weisgerber                          naddy at mips.inka.de