On Wed, 5 May 2010 10:10:43 -0700
Hmm after looking at sysctl(8) net.inet6 stubs and in6_ifattach.c there
seems to be no option that I see for that in netbsd-5. It's part of
the ipv6 standard that interfaces have an automatic link-local address,
and that address can only be used on the local network, but I guess
that it could be legitimate for some administrator to not want a
link-local address configured.

However, it is possible to disable listening to router advertisements
using net.inet6.ip6.accept_rtadv = 0 and to prevent a v6 socket from
accepting v4 to v6 mapping using net.inet6.ip6.v6only = 1.

Also, have you tried removing the link-local address using ifconfig?
If that works, that address is supposed to remain the same for that
interface, so a script could do it easily once you know the address to
remove.

I use this, which seems to work on NetBSD 5.

#!/bin/sh

# Copyright 2009 Coyote Point Systems, Inc. All rights reserved.

# Usage: stripv6 <if> removes the autoconfigured IPv6 address, if any,
# from network interface <if>, allowing it to be
# attached to an upper-layer interface such as an agr.
#
# Exit status: 0 if an address is removed, 1 elsewise.

autov6=$(ifconfig $1 \
| awk '/inet6 fe80/ { split($2, a, "%"); printf("%s", a[1]) }')

if [ -n "$autov6" ]; then
ifconfig $1 inet6 $autov6 -alias
exit 0
fi

exit 1


--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de

Yes, together with the v6 auto link local notion.
It would seem reasonable to add per-interface protocol enable flags
(defaulting on probably) that you could unset prior to ifconfig up.
(That won't fix the v4 POINTOPOINT issue, but that seems not to be a big
deal right now.)

When I did this as part of a rewrite of the network stack in
support of large routers I added an extra layer of structure to
support this (and to provide a place to hang protocol-specific
per-interface data structure they required, rather than that
big, mostly unused, array in struct ifnet). That is, instead
of having an interface structure onto which were configured address
structures for various protocols, there was instead an interface
structure onto which was configured protocol family structures,
onto which was configured zero or more addresses for that protocol.
The kernel ignored incoming packets for protocols without a
corresponding family configured on the arrival interface, and had
no way of sending packets without a corresponding family configured,
so an interface with the hardware configured up but with no family
structures added was guaranteed to be silent and to ignore
everything which arrived (other than maybe giving it to bpf).
To configure a protocol you first configured it 'up', which
added the family structure, and then configured (or not)
addresses onto it.

To add protocol addresses (i.e. adding address structures to
the protocol family structure) required configuring the protocol
'up' first (to add the family structure). An unnumbered p2p
interface had the protocol configured 'up' (adding the family
structure) without bothering to add addresses. The act of adding
the ipv6 family structure is the thing which prompted ipv6 to
make up a link local address.

That's a long way of saying that you probably want to start with
all protocols configured off by default, since the act of configuring
them on is also the act you want to prompt the protocol to do
the protocol-specific things that need to be done for the interface
(like adding a link-local address, or maybe the per-interface data
structure needed for nd/arp). If you start with them 'on' then you
still have the problem of finding some event to make the protocol
to do the work which needs to be done to really turn them on.

Dennis Ferguson
--
Posted automagically by a mail2news gateway at muc.de e.V.
Please direct questions, flames, donations, etc. to news-***@muc.de