http://bugzilla.novell.com/show_bug.cgi?id=494958
http://bugzilla.novell.com/show_bug.cgi?id=494958#c3
Marius Tomaschewski
Hmm, my long time plan: push a change to the upstream kernel that makes the /proc/sys/net/ipv[46]/conf/all/* work. This is going to take time and I don't think it is a good idea to diverge from upstream here. The change may never get there, people have different ideas about how this should work :(
Until then, this should be fixed in the sysconfig package. I checked the kernel code and:
- setting /proc/sys/net/ipv6/conf/all/use_tempaddr cannot have any effect at all.
OK... this is a bad thing.
- /proc/sys/net/ipv6/conf/default/use_tempaddr will set the default for newly registered interfaces. If this is set in the initscripts, it might already be too late, as some network drivers are compiled-in into the kernel, may be loaded from initrd, etc. I think this is unusable.
Yes, at least physical interfaces are already there...
The only way to fix this is to read the settings of IPV6_PRIVACY somewhere near ifup (don't know what to do for networkmanager?) and set /proc/sys/net/ipv6/conf/
/use_tempaddr accordingly. Marius, could this be done?
rpm -qf /etc/init.d/boot.ipconfig => aaa_base added maintainer to Cc and also Kay. Hmm... This can be set per inteface also via PRE_UP_SCRIPT -- see "man 8 ifup". For virtual interfaces it has to go to sysctl.conf or sysconfig/sysctl as it is using the ..../default/use_temoaddr variable I think. Or does it work properly when the iterface is already up? It would be possible to add a per interface IPV6_PRIVACY variable to ifcfg files and apply before "ip link set up" call... But I'd prefer to use similar names as in proc/sysctl, that is e.g.: SYSCTL_NET_IPV6_CONF_USE_TEMPADDR SYSCTL_NET_IPV6_CONF_AUTOCONF or I think better via per interface ifsysctl.$INTERFACE files with content like: net.ipv6.conf.$IF.autoconf = 0 net.ipv6.conf.$IF.use_tempaddr = 1 IF is the interface name as required in sysctl: ${INTERFACE/\./\/} that can be used instead of the real interface name. In any case, this is not easy or impossible to make for all the virtual interfaces when it is too late when we do it after the ip link set up. Just think of ppp interface, that is created by pppd, not by ifup. But this would be a feature request for 11.3 to make this -- a workaround via a PRE_UP_SCRIPT exists. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.