Re: How to turn off IPV6 (link local)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 16 Jun 2004, Bernd Eckenfels wrote:
> In article <1087370535.24446.2981.camel@segesta.zurich.ibm.com> you wrote:
> >> If the application prefers ipv6 it will try to use them, and only on connect
> >> it receives an error. Some do then ipv4 fallback (lynx) some dont (mozilla).
> > 
> > Fix your routing as that is the problem.
> 
> No it is not, a Host with only link-local addresses is perfectly well
> configured. The application can actually bind to the family and try to
> connect to the internet destination, it will just have to deal with the net
> not reachable error. And some applications dont. (but this is actually only
> the reson why i ave looked at the sysctl options, even if all aplications
> are fixed the options still behave wrong)
[...]

I think we may be having a slightly different problem here (as what
the others are discussing).  When you have enabled IPv6 but the
network does not support IPv6 (i.e., you have link-local addresses),
there are certain problems which may lead to longer timeouts.  This
depends principally on (at least) two things:

 1) whether the node has a "on-link assumption", i.e., a default route 
to your interface.

 2) whether TCP implementation aborts connection when it receives a 
"soft" ICMP error (against the host requirements RFC), 

These are both described at some length in 
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-v6onbydefault-02.txt

The key point here is that in these cases, even if the application was 
properly programmed, you might need to wait for a long time (dozens of 
seconds, even minutes) before the application would fall back to IPv4.

IMHO, Linux should do both:
 1) remove the IPv6 default routes pointing on each interface when the 
interface is created,
 2) abort TCP connections which are in SYN-SENT state when an ICMP 
error is received.

This would help the robustness a lot in the scenarios where you want 
to enable IPv6, and make sure it works, even if you didn't have IPv6 
connectivity.

I.e., this is a critical thing for vendors which might want to ship 
with IPv6 enabled by default.

-- 
Pekka Savola                 "You each name yourselves king, yet the
Netcore Oy                    kingdom bleeds."
Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings



-
: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux 802.1Q VLAN]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Git]     [Bugtraq]     [Yosemite News and Information]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux PCI]     [Linux Admin]     [Samba]

  Powered by Linux