[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Default value of net.ipv6.bindv6only should revert to 0

Zitat von Russ Allbery <rra@debian.org>:

Hendrik Sattler <post@hendrik-sattler.de> writes:

It's a trade-off with a different goal in mind. So what. Both settings
of bindv6only are if you cannot assume standard behaviour. Maybe we
should patch this option _out_ of the linux kernel to get rid of the
assumption that the default may be changed.

It's not an assumption.  It's reality that one has to write code against,
because different platforms do different things.  Even if you could remove
the option from the Linux kernel (retroactively, changing time to remove
all the systems that already exist), that doesn't change the fact that
Solaris and BSD behave differently.

But that was not the reason why the default was changed for _linux_ in Debian.
Since when do we need to adapt non-standard Solaris and BSD behaviour?

Read about IPV6_ADDRFORM in ipv6(7). Use it. Change back to the default
and forget about this discussion how hard it is to convert addresses to
AF_INET style, so ACLs do match. Enjoy life :)

This doesn't have much to do anything to do with the conversation that
we're having, though.  Once you're modifying the application, there's a
bunch of things that you can do to address this problem in different ways.
The question that we're debating is what the default should be for
applications that are not expressing an explicit preference.

You forgot to cite yourself! This was an answer to your "BTW" question.

It was proposed to fix programs that may not work with bindv6only=1. This is correct. But it was also noted that the change was done to have less problems with some other applications (ACLs, etc.). If you need AF_INET addresses to make e.g. your ACLs to work correctly, the above socket option _is_ a solution. An easy solution. You need to patch those programs then? So what! That's exactly what you request from others.

What again was the list of "reasons" to change the default value of bindv6lonly from 0 to 1? I have not seen any good reasons so far.


Reply to: