[Dibbler] Mixed stateless autoconfiguration and DHCP

Karl Auer kauer at biplane.com.au
Fri Jun 27 02:01:06 CEST 2008


Hullo Tomasz

On Fri, 2008-06-27 at 00:31 +0200, Tomasz Mrugalski wrote:
> To disable, stateless autoconf, you have 2 options:
> 1. reconfigure your router to disable autonomous bit in its adverisements.
> With this bit disabled, hosts may still configure routing, but are not 
> allowed to generate their addresses. If your router happens to be 
> Linux/unix box running radvd, add "AdvAutonomous off" to its 
> /etc/radvd.conf.

As noted, that's no good to me as I want *some* machines to still do
stateless autoconfiguration.

As a side note, I can't figure out *why* a router would advertise a
prefix but tell its clients that they aren't allowed to use it. Makes no
sense to me - why advertise it at all? And there is no guarantee that a
misbehaving or malicious client won't use it anyway.

> 2. Ignore RAs on your host. To do so, use this command:
> echo 0 > /proc/sys/net/ipv6/conf/eth0/autoconf

Ah, now that sounds like exactly what I was looking for.

> You may also want to inspect /proc/sys/net/ipv6/conf/eth1/ directory,
> as there are other kernel parameters that may be tampered with.

I'll do that. Many thanks! "accept_ra" looks like it might also do the
trick, albeit with a sledgehammer (lose routing etc).

> Just a small note to other people, who may be interested. That has
> nothing  to do with dibbler and DHCPv6. Those flags are for stateless
> autoconf only.

The reason I asked here is that DHCPv6 users are the most likely to know
how to tell an interface NOT to do stateless :-)

Regards, K.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Karl Auer (kauer at biplane.com.au)                   +61-2-64957160 (h)
http://www.biplane.com.au/~kauer/                  +61-428-957160 (mob)

GPG fingerprint: DD23 0DF3 2260 3060 7FEC 5CA8 1AF6 D9E3 CFEE 6B28
Public key at  : random.sks.keyserver.penguin.de

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://klub.com.pl/pipermail/dibbler/attachments/20080627/48d28aa6/attachment.pgp 


More information about the Dibbler mailing list