sys/netinet6/nd6.c: add ND6_IFF_ACCEPT_RTADV flag

Hiroki Sato hrs at allbsd.org
Tue Dec 28 14:19:17 PST 2004


Jeffrey Hsu <hsu at xxxxxxxxxxx> wrote
  in <41D1C96A.2010805 at xxxxxxxxxxx>:

hsu> Since the default behavior is the same, how useful is the
hsu> added functionality to optionally not accept RAs?  Also, is
hsu> there a corresponding change to ifconfig required?  Thanks.

 For a multi-homed IPv6 host with multiple NICs, that the host
 accepts all RAs can be a problem because they are not always
 trusted and can confuse the routing table and so on.  While
 the autoconfiguration of IPv6 using RAs itself can be performed
 independently on each interface, if the administrator cannot
 control which interface accepts RAs (currently "all" or "nothing" can
 be set via sysctl), he cannot connect the host to untrusted
 IPv6 network, for example.

 Changes to the userland utility are needed, too.  KAME implements
 ndp(8) to handle the flag and I think I will submit the patch soon.

-- 
| Hiroki SATO
Attachment:
pgp00025.pgp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00025.pgp
Type: application/octet-stream
Size: 187 bytes
Desc: "Description: PGP signature"
URL: <http://lists.dragonflybsd.org/pipermail/submit/attachments/20041228/c5f8de7f/attachment-0019.obj>


More information about the Submit mailing list