Re: Replacing isc-dhcp-client with dhcpcd-base (Was: ifupdown maintenance)

To: Daniel Gröber <dxld@darkboxed.org>, Martin-Éric Racine <martin-eric.racine@iki.fi>
Cc: Santiago Ruano Rincón <santiagorr@riseup.net>, "Sean Whitton" <spwhitton@spwhitton.name>, ktetzlaff <debian@tetzco.de>, "Josue Ortega" <josue@debian.org>, debian-devel@lists.debian.org, ifupdown@packages.debian.org, ifupdown2@packages.debian.org, ifupdown-ng@packages.debian.org, 1038882@bugs.debian.org, team+networking@tracker.debian.org
Subject: Re: Replacing isc-dhcp-client with dhcpcd-base (Was: ifupdown maintenance)
From: "Henrique de Moraes Holschuh" <hmh@debian.org>
Date: Sun, 15 Sep 2024 12:33:42 -0300
Message-id: <[🔎] cced7f4e-bc75-477e-aa07-2c840f5a1dba@app.fastmail.com>
In-reply-to: <[🔎] 20240914123008.6vbk57ldsyyxo7nd@darkboxed.org>
References: <CAPZXPQdFDS4UXjvUfio7C44s22sx0hMNfDkRjmW_0zG2fep_yA@mail.gmail.com> <20240707135644.q227pfu4lg3dsqg7@House.clients.dxld.at> <CAPZXPQct_xUo-xNCEk-2k+U9Edzk+LqMCerLwJHokLwjFM8r6Q@mail.gmail.com> <ZowEZI4WkhqAkEIy@voleno> <[🔎] 87jzffncb9.fsf@zephyr.silentflame.com> <[🔎] CAPZXPQfKKDVxDF1jiZZwsOMreAKzABtpkB7ePndiuORTqgzAAA@mail.gmail.com> <[🔎] ZuS52yMI2WY01Wj9@voleno> <[🔎] CAPZXPQdx=1EbTMUcYPdDGJdBEaCairaW_P5eP_VfSgpD07oUAQ@mail.gmail.com> <[🔎] 20240914123008.6vbk57ldsyyxo7nd@darkboxed.org>

On Sat, Sep 14, 2024, at 09:30, Daniel Gröber wrote:
>  3) dhcpcd-base enables IPv6 privacy addressess by default.

Please never do this *by silent default* when DHCPv6 is being used for stateful address assignment, privacy addresses are a big issue on non-home networks and even on home networks depending on firewall rules...

Although I suppose a relevant note on NEWS.Debian *and* the Release Notes might be enough if.we consider it is desirable for most installs.

> 3) Since ifupdown is mainly used in the server/embedded sorts of
> enviornments I'm not sure privacy addressing is the right default.
> (cf. /etc/dhcpcd.conf having `slaac private` thus enabling RFC 7217
> addressing). We can assume NM will be in use for most Desktop users so I
> believe it's safe in principle to retain the current MAC based SLAAC
> address behaviour we used to get from the kernel RA implementation.
> Thoughts?

Agreed, the less surprises here, the better.

-- 
  Henrique de Moraes Holschuh <hmh@debian.org>

Reply to:

References:
- Re: ifupdown maintenance
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: ifupdown maintenance
  - From: Martin-Éric Racine <martin-eric.racine@iki.fi>
- Re: ifupdown maintenance
  - From: Santiago Ruano Rincón <santiagorr@riseup.net>
- Re: ifupdown maintenance
  - From: Martin-Éric Racine <martin-eric.racine@iki.fi>
- Replacing isc-dhcp-client with dhcpcd-base (Was: ifupdown maintenance)
  - From: Daniel Gröber <dxld@darkboxed.org>

Prev by Date: Re: mtkbabel mayby unmaintained long time new version available Perl? advice?
Next by Date: Bug#1081853: ITP: libtest2-plugin-ioevents-perl -- module to turn STDOUT and STDERR into Test2 events
Previous by thread: Re: Replacing isc-dhcp-client with dhcpcd-base (Was: ifupdown maintenance)
Next by thread: Re: Replacing isc-dhcp-client with dhcpcd-base (Was: ifupdown maintenance)
Index(es):
- Date
- Thread