Enable IPv6 Privacy Extensions by default
Rui Paulo
rpaulo at me.com
Wed Jun 14 06:14:44 UTC 2017
On Tue, 2017-06-13 at 22:57 -0400, Garrett Wollman wrote:
> In article <1497408664.2220.3.camel at me.com>, rpaulo at me.com writes:
>
> > I don't see any reason why we shouldn't have privacy addresses
> > enabled
> > by default. In fact, back in 2008 no one voiced their concerns.
>
> Back in 2008 most people hadn't had their networks fall over as a
> result of MLD listener report implosions when a thousand machines
> report (via multicast, natch) their eight[1] single-member
> solicited-node multicast groups in the space of a few seconds.
>
> -GAWollman
>
> [1] Assuming the vendor actually implemented the thing correctly.
> Some of us have seen what happens when one machine reports eight
> hundred single-member solicited-node multicast groups in the space of
> a few milliseconds.
Pretty sure these problems have been addressed by now, given the amount
of computers, smart phones, tablets, etc. running with privacy
extensions enabled.
If you still think this is a big problem, then FreeBSD could simply
implement CGA .
--
Rui Paulo
More information about the freebsd-net
mailing list