[Cerowrt-devel] Current state of ipv6 in openwrt barrier breaker
Steven Barth
cyrus at openwrt.org
Tue Dec 11 15:46:59 EST 2012
Hi Ole,
your feedback is appreciated, thanks.
Just to clarify a few things here because I think there might be
misunderstandings.
> or create state...
> NPT should not be on by default though
I agree and it won't be a default in plain OpenWrt.
> I think the the ULA prefix should be created as specified in RFC4193.
> otherwise you'll get into trouble merging networks, or building a
> mesh with your neighbour.
> (overlapping ULA space).
In the current implementation /dev/urandom is used to generate the /48
on the first boot of the device. fd00:: was just an example here.
I don't see any particular advantage in using the sha / ntp etc. thing
especially since there might not be a working RTC.
> shouldn't all interface have a /64?
I won't restrict users doing anything else but /64 is the default, yes.
> actually it should not be expected to have global reachability.
> doing ULA to global translation by default would break one of the
> ideas we have in the homenet WG,
> about allowing devices on the network not being prepared to be on the
> global Internet use ULAs. that way
> we can avoid firewalls on the network borders, and still protect the
> unprepared... ;-)
Yes the problem is that source address selection seems to be a trouble
on clients. I just had users / tester complain yesterday about devices
using ULA instead of the 200X: source addresses breaking connectivity
when both are announced so now I had to implement a hack that sets
the preferred time of the ULA to 0 when there are prefixes with global
reachability.
Similarly I see NPT only as a way to work around client issues
- especially when having multi-homing / redundant uplinks -
and not as a default way of doing things.
Cheers,
Steven
More information about the Cerowrt-devel
mailing list