git: 81075203a057 - main - EC2: Turn off IPv6 DAD
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 26 Nov 2021 03:10:24 UTC
The branch main has been updated by cperciva:
URL: https://cgit.FreeBSD.org/src/commit/?id=81075203a057c9ba3467a7f90ea1e9469d7f7723
commit 81075203a057c9ba3467a7f90ea1e9469d7f7723
Author: Colin Percival <cperciva@FreeBSD.org>
AuthorDate: 2021-11-23 04:16:34 +0000
Commit: Colin Percival <cperciva@FreeBSD.org>
CommitDate: 2021-11-26 03:08:48 +0000
EC2: Turn off IPv6 DAD
Disable Duplicate Address Detection in EC2 instances. The networking
configuration in EC2, with IPv6 addresses assigned by DHCPv6 and
host egress filtering, makes "duplicate addresses" impossible.
This speeds up the boot process in EC2 by 2 seconds.
Reviewed by: kp, imp, bz
MFC after: 2 weeks
Sponsored by: https://www.patreon.com/cperciva
Differential Revision: https://reviews.freebsd.org/D33091
---
release/tools/ec2.conf | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/release/tools/ec2.conf b/release/tools/ec2.conf
index 2bf47b01077d..f0665646088b 100644
--- a/release/tools/ec2.conf
+++ b/release/tools/ec2.conf
@@ -70,6 +70,10 @@ vm_extra_pre_umount() {
echo 'rtsold_enable="YES"' >> ${DESTDIR}/etc/rc.conf
echo 'rtsold_flags="-M /usr/local/libexec/rtsold-M -a"' >> ${DESTDIR}/etc/rc.conf
+ # Turn off IPv6 Duplicate Address Detection; the EC2 networking
+ # configuration makes it unnecessary.
+ echo 'net.inet6.ip6.dad_count=0' >> ${DESTDIR}/etc/sysctl.conf
+
# Provide a script which rtsold can use to launch DHCPv6
mkdir -p ${DESTDIR}/usr/local/libexec
cat > ${DESTDIR}/usr/local/libexec/rtsold-M <<'EOF'