Subject: Re: HEADS UP! Default value of ip6_v6only changed
To: None <wsimpson@greendragon.com, core@netbsd.org, tech-net@netbsd.org,>
From: None <itojun@iijlab.net>
List: current-users
Date: 10/29/2003 15:09:18
> btw, freebsd changed the value from "off" to "on" between
> 4.x to 5.x to secure itself from the possible vulnerabilities.
> http://www.freebsd.org/cgi/cvsweb.cgi/src/sys/netinet6/in6_proto.c.diff?r1=1.17&r2=1.18
> openbsd does not implement IPv4 mapped address behavior at all.
> why netbsd has to make the backward change, i.e. secure behavior to
> insecure behavior? portable programs cope with the issue already
> (since MS WinXP is basically "v6only=1").
fwiw, kame will not change the behavior (v6only=1).
itojun