| I've come across some unexpected changes in interface behavior between linux-image-5.10.0-13-amd64 and linux-image-5.10.0-17-amd64. Consider the following script: $ cat test.sh #!/bin/sh sudo ip link add test1 type veth peer test2 sudo ip link set test1 down sudo ip link set test2 down sudo sysctl net.ipv6.conf.test1.disable_ipv6=1 sudo sysctl net.ipv6.conf.test2.disable_ipv6=1 sudo ip link set test1 up sudo ip link set test2 up (There might be a simpler way to trigger it, but this one works for me.) When I run this on a system running linux-image-5.10.0-13-amd64, I get this behavior: $ ./test.sh net.ipv6.conf.test1.disable_ipv6 = 1 net.ipv6.conf.test2.disable_ipv6 = 1 $ ip addr | grep -A 3 test[12] 2370: test2@test1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether ea:fc:8a:36:09:fc brd ff:ff:ff:ff:ff:ff 2371: test1@test2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether e2:e0:d2:09:0d:de brd ff:ff:ff:ff:ff:ff $ sudo sysctl net.ipv6.conf.test1.disable_ipv6 net.ipv6.conf.test1.disable_ipv6 = 1 $ sudo sysctl net.ipv6.conf.test2.disable_ipv6 net.ipv6.conf.test2.disable_ipv6 = 1 No IPv6 addresses, and IPv6 is still disabled. But when I run on a system running linux-image-5.10.0-17-amd64, I get this behavior: net.ipv6.conf.test1.disable_ipv6 = 1 net.ipv6.conf.test2.disable_ipv6 = 1 $ ip addr | grep -A 3 test[12] 212: test2@test1: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether ce:16:79:86:ea:16 brd ff:ff:ff:ff:ff:ff inet6 fe80::cc16:79ff:fe86:ea16/64 scope link valid_lft forever preferred_lft forever 213: test1@test2: <BROADCAST,MULTICAST,DYNAMIC,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether b6:8f:2e:59:1e:68 brd ff:ff:ff:ff:ff:ff inet6 fe80::b48f:2eff:fe59:1e68/64 scope link valid_lft forever preferred_lft forever $ sudo sysctl net.ipv6.conf.test1.disable_ipv6 net.ipv6.conf.test1.disable_ipv6 = 0 $ sudo sysctl net.ipv6.conf.test2.disable_ipv6 net.ipv6.conf.test2.disable_ipv6 = 0 The interfaces are configured with link-local addresses, and IPv6 is no longer disabled. I looked through the changelog for linux-image-5.10.0-17-amd64 and saw a number of changes from upstream involving sysctl, but I couldn't point to any one thing that might have caused this. So... what I'm looking for is 1) a sanity check (can others confirm the behavior discrepancy?); 2) an expectation of *correct* behavior (seems to me like the 5.10.0-13 behavior is "correct"); and 3) suggestions for next steps. This has broken some software I've developed. I have a workaround, but it's not very pretty :) P.S. For those that are concerned that I'm disabling IPv6, this is for teaching the link layer, and it's really hard to do that with all the activity associated with IPv6. |