tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: how do I disable IPv6?



On Tue, Feb 27, 2018 at 11:52 PM, Robert Elz <kre%munnari.oz.au@localhost> wrote:
>     Date:        Tue, 27 Feb 2018 20:20:16 -0700
>     From:        Andy Ruhl <acruhl%gmail.com@localhost>
>     Message-ID:  <CAJcb3friwjn1nqvtjkzehpL1xCSf9mLnhZSd1iMiooSQDeki6A%mail.gmail.com@localhost>
>
>   | There is DAD which shouldn't happen (but humans can cause it quite
>   | easily which should be easy to test),
>
> Do you mean DAD (which is the protocol that tests for duplicate
> addresses), or duplicate addresses?   I suspect the latter.

I was talking about DAD (Duplicate Address Detection) as a positive
result, not as a function. It shouldn't happen in IPv6 for the most
part, but of course if a human is involved and typing in static
addresses, the chances of it happening increase quite a bit.

>   | and then there is DAD for a link
>   | local address which *really* shouldn't happen.
>
> Assuming the 2nd meaning, then that's true of EUI-64 generated
> addresses, whatever scope they have.  But it is just as easy (or
> at least almost as easy) to manually assign a link local address as
> any other, and those are just as likely to be duplicates as any other.

Yes, I was implying EUI-64 addresses should never trigger a duplicate
detection based the idea that MAC addresses should be pretty unique.
MIchael van Elst's reply to the amd64 thread explains why DAD can find
a duplicate address on WiFi even if the address is unique, and why it
needs a fix. And we got a test fix from Roy Marples.

>   | Although I've heard
>   | stories of duplicate MAC addresses from unscrupulous vendors before.
>
> I have heard those stories as well, though never actually seen it,
> and I am not sure I have ever actually talked to anyone who had
> personally seen it either.

Someone at my company shared a story of "engineering" (meaning,
pre-production) adapters from a vendor where a mistake was made and
all ethernet MAC addresses were the same. My response was meant to
point out the possibility of duplicate MACs (since they can be set by
hand) or duplicate hand coded IPv6 addresses is why DAD needs to be
done and needs to be reliable.

Andy


Home | Main Index | Thread Index | Old Index