Comments (4)
Could you give some more details? When would this be most useful? How should this be configured without any network manager? A quick search revealed that /proc/sys/net/ipv6/*/stable_secret
is the meat of the implementation of the RFC.
from netctl.
I'm not totally sure myself how it's managed or implemented, but it appears to be implemented in the kernel with
addr_gen_mode
.
I don't think NetworkManager does it this way, seeing as how my NetworkManager interfaces are set addr_gen_mode=1
and are nevertheless set using stable secret.
I'm not overly knowledgeable here, but can we just set sysctl net.ipv6.conf.<if>.addr_gen_mode=3
on the interface?
EDIT: Yes, we can, which of course means it's probably not something that needs to be handled at all by netctl
😁
from netctl.
Sure, netctl
could set addr_gen_mode
. The question is when should it do so. What are the IP6=
settings for which it makes sense? What additional parameters do we need/want (and document)?
I can already see many levels of randomized addresses:
- random addresses (via
use_tempaddr
?) - stable random addresses (
addr_gen_mode=3
?) - stable random addresses with a controlled key (should
netctl
touchstable_secret
?)
If any of these settings are to be exposed by netctl
, they should be exposed using meaningful names and settings. Not via cryptic names and numeric constants.
All of this could also be controlled via stable sysctl
settings, see for instance the Arch Wiki. This is not profile-specific, so there is a use case for these settings in netctl
. Note, though, that stateless address privacy is meant to transcend profiles!
from netctl.
I originally asked because I hadn't found addr_gen_mode
and knew that NM was setting it some other way. But setting addr_gen_mode
to 2
/3
for the entire interface works fine for me. I.e. my use case is covered without needing to change netctl
.
I think your last point is important, profile specific settings are not the way to go 99% of the time.
from netctl.
Related Issues (20)
- Ask for password on network connect HOT 3
- [email protected] is not started after interface is inserted HOT 9
- Reduce/remove waiting time for pluggable WiFi devices on startup HOT 9
- netctl-ifplugd Unable to get ip address HOT 3
- [Feature request] Auto retry wifi connection HOT 5
- Add option for accept_ra value HOT 6
- Allow regular user to `netctl switch-to <profile>` HOT 2
- [Feature request] Blacklist access points. HOT 10
- NO SSID environment variable HOT 6
- Only one hook works at a time HOT 3
- netctl wanted by multi-user.target, slowing down boot HOT 4
- netctl-auto list_netctl_auto_interfaces() function bug HOT 1
- Add a command for WPS Push Button HOT 4
- How to configure pppoe with macvlan interface? HOT 7
- Check config file when restart command HOT 5
- When an issue occurs in the ISP, the systemd service of pppoe will fail. HOT 10
- Hook not executed for netctl-auto HOT 8
- Error while executing the script via ExecUpPost HOT 1
- No way to leave resolv.conf alone with DHCP profile (?) HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from netctl.