W dniu 9.04.2025 o 12:51, Ronald Klop pisze:
Hi,
Next to hostuuid you could add a jailname in the mix.
That is what ether_gen_addr(9) does to make it easier to prevent
collisions while copying jails around or run a jail on a readonly
shared base filesystem.
Regards,
Ronald.
I ran several tests in VNET jails to evaluate the combined behavior of
D49681 and D50108. Based on the results, I concluded that since the
logic is implemented entirely in the kernel, only the host system’s
|hostid| has an effect. This means that cloned or copied jails using
interfaces with different names will not interfere with each other.
However, if multiple jails are running on the same host and use the same
internal interface names, they will be affected by this behavior.
Cheers
Marek
*Van:* Guido Falsi <madpi...@freebsd.org>
*Datum:* woensdag, 9 april 2025 12:17
*Aan:* Marek Zarychta <zarych...@plan-b.pwste.edu.pl>, FreeBSD Current
<freebsd-current@freebsd.org>, n...@freebsd.org
*Onderwerp:* Re: RFC: Implementation of RFC 7217 [A Method for
Generating Semantically Opaque Interface Identifiers, with IPv6
Stateless Address Autoconfiguration (SLAAC)]
On 4/6/25 23:38, Marek Zarychta wrote:
> W dniu 6.04.2025 o 16:49, Guido Falsi pisze:
>> Hi!
>>
>> I have recently implemented and tested the patch at [1], which
>> implements RFC 7217, about generating IPv6 addresses that are
constant >> through reboots, but do not expose the MAC address of
the machine, not >> being in any way derived by those.
>>
>> I'd like to get comments, testing and review for this patch,
with the >> objective of getting approval to commit it to head
once it is >> streamlined enough.
>>
>> BTW I'd like to thank cognet for his suggestions and help with
the >> patch, in particular his help in finding the correct way to
implement >> the dad_failures counter.
>>
>>
>> And thanks in advance to anyone willing to give feedback!
>>
>>
>> [1] https://reviews.freebsd.org/D49681
>>
> This is great news for the community !
>
> I've already started testing it on both a desktop and a laptop -
which > is probably even more valuable, especially since the
laptop will be > connecting to various networks. If I encounter
any issues, I will post > comments in the review.
I posted an updated patch, addressing feedback and containing some
more improvements.
If testing this new patch, the flag needs to be activated per
interface with ifconfig(8) now, or via tunable in loader.conf.
Should generate the same addresses it was generating before, with
the only exception of the (relatively improbable) case that the
previous patch was generating a reserved IPv6 address, which is
now checked for and another one generated in such a case.
--
Guido Falsi <madpi...@freebsd.org>
------------------------------------------------------------------------
