From patchwork Thu Sep 8 13:58:04 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Baptiste Jonglez X-Patchwork-Id: 1675641 X-Patchwork-Delegate: baptiste@bitsofnetworks.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=FGdBFibf; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4MNglj2n8cz1yj1 for ; Fri, 9 Sep 2022 00:01:37 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender: Content-Transfer-Encoding:Content-Type:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:MIME-Version:Message-Id:Date:Subject:Cc :To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=QpeMNABgifeN01uslmpiHa/6mWWmuUxvj0ca/NKNBJo=; b=FGdBFibf+7SjLk bGQtz3V2uXVfcgK/TrUGOwV6PgKI42Yga2rSaqkxn8VdfANAbyiC8MOp+uTzkhmM7QJS1GmrOATF/ JEsRII2xQKxCo3xtRBIV3kHB1AZnZaU1qOWb1HFitHnwn5tRyJOQ+Exxlr7ghDVvED5n8xqleeir3 WnILD2KWDn87OyitdH86lJynb6O3vcUhNopx5SG4kdyjEKx5T4ZQPQem2paN1BVtJZwngGvT/2ae/ oMs/6kSlQirHEhDG0GAhJEtiX56ISveUoH5Y8QOXZVZfKIkWTYcbKQ8tF79J1zppdzvLdDCzL8GLV AsRQDkdnNJ9dzlNNiVRw==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.94.2 #2 (Red Hat Linux)) id 1oWI3M-004HKj-IN; Thu, 08 Sep 2022 13:58:48 +0000 Received: from mails.bitsofnetworks.org ([2a10:a080:1100:5204::131]) by bombadil.infradead.org with esmtps (Exim 4.94.2 #2 (Red Hat Linux)) id 1oWI3F-004H0z-4w for openwrt-devel@lists.openwrt.org; Thu, 08 Sep 2022 13:58:46 +0000 Received: from [2a00:5881:4008:0:85b9:37ea:7268:a30b] (helo=thunderclap.lan) by mails.bitsofnetworks.org with esmtp (Exim 4.92) (envelope-from ) id 1oWI2r-0002jC-Oz; Thu, 08 Sep 2022 15:58:17 +0200 From: Baptiste Jonglez To: openwrt-devel@lists.openwrt.org Cc: Jo-Philipp Wich , =?utf-8?q?Thibaut_VAR=C3=88NE?= , Baptiste Jonglez Subject: [PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config Date: Thu, 8 Sep 2022 15:58:04 +0200 Message-Id: <20220908135804.735499-1-baptiste@bitsofnetworks.org> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20220908_065841_210056_0F8A5B49 X-CRM114-Status: UNSURE ( 9.12 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Baptiste Jonglez ULA IPv6 prefixes (Unique Local Addresses, RFC 4193) are not routable on the Internet. As such, they have very limited use, and enabling them by default causes more problems than it solves: Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Baptiste Jonglez ULA IPv6 prefixes (Unique Local Addresses, RFC 4193) are not routable on the Internet. As such, they have very limited use, and enabling them by default causes more problems than it solves: - if an OpenWrt device already has external IPv6 connectivity with globally routable addresses, then ULA addresses are not useful. - if an OpenWrt device has no external IPv6 connectivity, then ULA addresses could be useful for local IPv6 communication on the LAN; however, link-local IPv6 addresses already provide such a service without needing any configuration or even the need for a router. Discovery protocols based on IPv6 multicast and link-local addresses are becoming more common (e.g. syncthing) and don't need ULA to work. - users might be confused to see multiple unrelated IPv6 addresses on their devices. Or they might wrongly conclude that they have IPv6 connectivity thanks to ULA addresses, while in fact ULA addresses are not globally routable. - there have been various bug reports [1, 2, 3] in 19.07 and 21.02 where ULA addresses basically break global IPv6 connectivity. These bugs have not been solved in several years, indicating a probable lack of interest for ULA from the OpenWrt developer community. ULA addresses are still supported, e.g. by setting network.globals.ula_prefix='auto' in a uci-defaults script that runs before "12_network-generate-ula", or by directly setting network.globals.ula_prefix to a /48 prefix. [1] https://github.com/openwrt/openwrt/issues/5082 [2] https://forum.openwrt.org/t/router-can-use-ipv6-ok-but-clients-in-lan-cannot/57587 [3] https://lafibre.info/ipv6/saison-2-openwrt-slaac-problemes/ Signed-off-by: Baptiste Jonglez --- package/base-files/files/bin/config_generate | 7 ------- 1 file changed, 7 deletions(-) diff --git a/package/base-files/files/bin/config_generate b/package/base-files/files/bin/config_generate index 596fcf41fa..f0ea4b6eb2 100755 --- a/package/base-files/files/bin/config_generate +++ b/package/base-files/files/bin/config_generate @@ -45,13 +45,6 @@ generate_static_network() { set network.loopback.ipaddr='127.0.0.1' set network.loopback.netmask='255.0.0.0' EOF - [ -e /proc/sys/net/ipv6 ] && { - uci -q batch <<-EOF - delete network.globals - set network.globals='globals' - set network.globals.ula_prefix='auto' - EOF - } if json_is_a dsl object; then json_select dsl