Proposal: Enable IPv6 Privacy Extensions (RFCs 3041/4941) by
default
Steve Bertrand
steve at ibctech.ca
Tue Jun 10 12:42:05 UTC 2008
Randy Bush wrote:
>> To address those privacy concerns RFC 3041 was written, and eventually
>> obsoleted by RFC 4941. ftp://ftp.rfc-editor.org/in-notes/rfc4941.txt
>> Our IPv6 implementation comes with the code to enable this feature,
>> but by default it is turned off. My proposal is to enable it by
>> default, and give the user a knob in rc.conf to turn it off.
>
> the only drawback is that forward and reverse dns would not be easily
> filled. but anyone who relies on a mac address for dns hacking is
> asking for trouble; use dhcpv6 or hard code the host's ip address in
> /etc/rc.conf.
DNS in this context is really of least concern, and there are simple
ways around that as Randy states.
I would think that enabling IPv6 Privacy Extensions by default would
have no worse effect on a host in regards to DNS than a similar
situation with IPv4 Auto Configuration.
> so i have no problem with the change. thanks for asking.
I also support following the specification by default.
Steve
More information about the freebsd-net
mailing list