Re: Networking problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 05/21/11 12:19, Tom H wrote:
> On Thu, May 19, 2011 at 10:06 PM, JD<jd1008@xxxxxxxxx>  wrote:
>> On 05/19/11 18:45, Tom H wrote:
>>> On Thu, May 19, 2011 at 8:57 PM, JD<jd1008@xxxxxxxxx>    wrote:
>>>> On 05/19/11 17:41, Tom H wrote:
>>>>> To the OP: Do you have a "/etc/sysconfig/network-scripts/ifcfg-wlan0"
>>>>> and a "/etc/sysconfig/network-scripts/ifcfg-wlan0:0"? What are their
>>>>> contents?
>>>> I have no  /etc/sysconfig/network-scripts/ifcfg-wlan0:0
>>>>
>>>> $ cat /etc/sysconfig/network-scripts/ifcfg-wlan0:
>>>> DEVICE=wlan0:0
>>>> IPV6INIT=no
>>> Why do you have "DEVICE=wlan0:0" in
>>> "/etc/sysconfig/network-scripts/ifcfg-wlan0"?
>> I think that is a remnant. Thank for pointing it out.
>> I had completely overlooked it. But, it is nevertheless,
>> harmless.
> You're welcome. It's harmless in your case, except for the weird
> ifconfig and netstat outputs. If you were using dhcp, it'd be even
> more harmless (only wlan0 would be brought up with a dhcp ipv4 address
> and a link-local ipv6 address) or harmful (neither wlan0 nor wlan0:0
> would be brought up).
>
>
>>>>>> It is a valid IPv6 interface.
>>>>> It's valid but it isn't routable. It's the equivalent of an ipv4
>>>>> 169.254.x.y address.
>>>> Yes. ifconfig always prints this even when ip6 is disabled.
>>> No, if ipv6 is disabled, no ipv6 address is assigned to any interface.
>> I do not see in any of my conf files, nor in services
>> where I have enabled ipv6.
> Take a look at "CONFIG_IPV6" in "/boot/config...".
>
>
>> But I think there are other internal interfaces/modules that, [do
>> not/are not configured to]
>> go out over the LAN, that use ipv6: such as:
>> bridge,ah6,esp6,xfrm6_mode_beet,xfrm6_mode_tunnel,ipcomp6,xfrm6_tunnel,tunnel6
>>
>> But I see your point because I thought that it was completely disabled.
>> Now I wonder if any of the loadable modules that get loaded, depend on.
>> ipv6 being enabled.
>>>>>> The fact that IPv6 layer was disabled on the subnet (as JD clarified it later),
>>>>>> does not change anything. Once again, the type of configured interface wlan0
>>>>>> is of interest to me, that is IPv6-type.
>>>>> Since wlan0:0 has a ipv6 address, ipv6 must not be disabled.
>>>> It really IS disabled. Look at the contents of my ifcfg-wlan0 above.
>>>> It says IPV6INIT=no
>>> "IPV6INIT=no" doesn't disable ipv6; it's used by
>>> "/etc/sysconfig/network-scripts/ifup-ipv6" to determine whether to
>>> configure ipv6 for that interface. If ipv6.ko isn't prevented from
>>> loading through "/etc/modprobe.conf" or a conf file in
>>> "/etc/modprobe.conf.d/", an interface will be assigned an fe80 ipv6
>>> address.
>> Correct. I had overlooked that altogether.
>> As I asked above, I wonder if some service will break
>> if I black list the ipv6 modules.
> No idea but possible; exim (on Debian, never tried it on Fedora) craps
> out if you disable ipv6 globally without disabling ipv6 in exim's own
> configuration.
Well, I do not need a mail server. I would have to fight with
at&t to open up port 25 for me.
Also, I found out that because my machine on the lan
does not have a public domain, no smtp agent would
accept mail from my machine anyhow, except gmail
(and probably others) as a mail forwarding server.
So I do not run exim.
It would be nice to find a way to have a public domain
name and public mx record mapped onto the router's
public ip address - and forward port 25 to my fedora
machine. But that will open me up to bazzillions of spam
emails, and I really do not want to have to admin yet
another app or apps to deal with that.
After reading a few blogs about diabling ipv6, I collected
these settings to be added to a new file in /etc/modprobe.conf
(say disable-ipv6.conf):

alias net-pf-10 ipv6      off
alias net-pf-10           off
alias ipv6                off
install ipv6              /bin/true
install ip6table_filter   /bin/true
install ip6_tables        /bin/true
blacklist ipv6
blacklist ip6table_filter
blacklist ip6_tables

Not sure which of these will prevent the loading of ipv6 modules altogether.
blacklist seems to be advisory and can be overruled by modprobe.
aliasing something to off  sounds like it could be the ax, but not sure.
Using /bin/true as a substitute to a module seems to be the sure fire way
of preventing the loading of that module.
But even here, I wounder if there are ways to circumvent it, as in using
insmod /..../...../etc.../module.ko

-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux