Ubuntu 16.04

Bjørn Mork bjorn at mork.no
Fri Apr 22 14:59:52 CEST 2016


Mikael Abrahamsson <swmike at swm.pp.se> writes:
> On Fri, 22 Apr 2016, Jeroen Massar wrote:
>
>> But, check your 'sysctl -a | net.ipv6.conf' you might find some knobs
>> there. Next to that, check systemd settings as that thing wants to take
>> over the kernel and thus ignores those settings and comes up with it's
>> own...
>
> It's strangem it looks like they still have the kernel to process RAs?
> Doesn't it seem like the kernel now has support for the kind of stable
> non-EUI64 based addresses from https://tools.ietf.org/html/rfc7217 ?
>
> http://unix.stackexchange.com/questions/251401/cannot-read-key-net-ipv6-conf-all-stable-secret-in-sysctl
> seems to indicate that the error message below is because the secret
> isn't set? So potentially if I set the secret I'll get the same
> address every time? Let's try...

That's correct.... if they use the kernel.  I don't know what they do.
You can check the kernel config with something like

 $ ip -d link show dev wlan0
 3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
     link/ether 0c:8b:fd:08:09:71 brd ff:ff:ff:ff:ff:ff promiscuity 0 addrgenmode eui64 

"addrgenmode" will tell you how the kernel creates IPv6 addresses for
that interface.  "eui64" is the traditional default for ethernet
interfaces, but userspace applications taking over address configuration
will typically set it to "none".

Unfortunately you'll probably need a newer "iproute" tool to show
anything else.  But recent kernels also support the rfc7217 mode you
refer to above, and a variant of that using an autogenerated secret.
The latter does of course not make much sense for most use cases.  It
was created for devices which has no appropriate EUI64 method, like
headerless tunnels.



Bjørn


More information about the ipv6-ops mailing list