<div dir="ltr">Similar NM wonkiness going on in Ubuntu.<div><a href="https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1176415">https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1176415</a></div><div>
<br></div><div>Regards,</div><div>Jason</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Dec 19, 2013 at 10:14 AM, Hannes Frederic Sowa <span dir="ltr"><<a href="mailto:hannes@stressinduktion.org" target="_blank">hannes@stressinduktion.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">On Thu, Dec 19, 2013 at 06:59:56PM +0100, Tore Anderson wrote:<br>
> * Hannes Frederic Sowa<br>
><br>
> > The kernel should install the IPv6 address with /64 prefixlen without also<br>
> > installing a prefix route for that subnet. Currently the kernel does this<br>
> > automatically.<br>
><br>
> I don't think you can do that from user-space. If you add a /64 (any ><br>
> /128 really), you automatically get a on-link route too. At least I<br>
> cannot spot how to do it in ip-address(8). So the only way to deal with<br>
> the L=0 case when doing RA-processing in user-space is to add the<br>
> address as a /128.<br>
<br>
</div>Since the current kernel has extended ifa_flags to 32 bit it is now very<br>
straightforward and easy to add such functionality (this was done for<br>
NM correctly supporting privacy addresses). I already had this on my<br>
todo list for some time but did not get to it.<br>
<br>
I still have to review how address and prefix route deletion should happen if<br>
this feature gets introduced.<br>
<div class="im"><br>
> Once you're doing that, it's probably easier to handle L=1 by simply<br>
> adding the on-link route directly, rather than adding the address as a<br>
> /64 and relying on the kernel to add the route for you. The two should<br>
> result in the same functionality, though, so I'm don't really understand<br>
> what's actually broken here.<br>
<br>
</div>I guess it breaks generation of privacy addresses.<br>
<br>
But you are right, essentially it should work but some assumptions were<br>
made in the kernel which should have been checked first.<br>
<br>
Greetings,<br>
<br>
Hannes<br>
<br>
</blockquote></div><br></div>