Hi,

On 21.11.2016 18:10, Erik Nordmark wrote:
> On 11/16/16 10:49 PM, Hannes Frederic Sowa wrote:
>> I thought about even removing the sysctl altogether and enable enhanced
>> DAD by default. ;)
>>
>> I am in favor of enabling it by default.
>>
>> But given that there could be broken implementations out there, we
>> should give users a choice and provide.
> OK, I'll make it the default and send out a new version of the patch. I
> was told I should base the patch on net-next instead of linux-stable so
> I'll move it there.

Correct.

>>
>> Could you always generate a nonce in the interface structure? You could
>> check the sysctl in the send and receive path to attach and check the
>> nonce. This has the advantage that you don't need to delete the
>> interface and recreate it to enable/disable enhanced dad on an interface
>> (also you can get away with the loop around get_random_bytes to make
>> sure its value is not zero as we don't depend on a non-zero nonce
>> variable to signal enabling of the feature, see below).
> The nonce is per interface address and not per interface. Furthermore,
> the RFC says that on a retry of DAD the nodes will end up using a
> different nonce implying that even for the same interface address it
> should pick a different nonce for each DAD attempt.
> Note that since there is no automatic retry of DAD (per RFC4862) and
> each try would check the current sysctl setting so I don't think
> pre-generating the nonce would change the behavior.

Sorry for misreading the code then. ;)

Indeed, I don't see a problem with your proposal.

Thanks,
Hannes
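Added example, not part of the original message or of the patch under discussion: a user-space C sketch of the behaviour the thread settles on, with a fresh nonce per address for each DAD attempt and the setting checked on both the send and receive paths. The struct, the function names, the `enhanced_dad` parameter standing in for the sysctl, and the 6-byte nonce size are assumptions made for illustration; `getrandom()` stands in for the kernel's `get_random_bytes()`.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <sys/random.h>

#define ND_OPT_NONCE  14   /* Nonce option type (RFC 3971) */
#define NONCE_LEN     6    /* assumed nonce size */
#define NONCE_OPT_LEN 8    /* type + length + nonce = one 8-octet unit */

enum dad_verdict { DAD_DUPLICATE, DAD_LOOPED_BACK };

/* Hypothetical per-address state: the nonce belongs to the tentative
 * address, not to the interface. */
struct tentative_addr {
    uint8_t nonce[NONCE_LEN];
    int nonce_sent;        /* explicit flag, so an all-zero nonce is valid */
};

/* Begin one DAD attempt. Draws a new nonce every time and fills in the
 * option to attach to the Neighbor Solicitation. Returns the option length,
 * 0 when enhanced DAD is off, or -1 if no randomness could be obtained. */
int dad_begin(struct tentative_addr *a, int enhanced_dad,
              uint8_t opt[NONCE_OPT_LEN])
{
    a->nonce_sent = 0;
    if (!enhanced_dad)
        return 0;
    if (getrandom(a->nonce, NONCE_LEN, 0) != NONCE_LEN)
        return -1;
    opt[0] = ND_OPT_NONCE;
    opt[1] = 1;            /* length in units of 8 octets */
    memcpy(opt + 2, a->nonce, NONCE_LEN);
    a->nonce_sent = 1;
    return NONCE_OPT_LEN;
}

/* Classify a DAD Neighbor Solicitation received for our tentative address.
 * Only a solicitation carrying the nonce we sent for this attempt is our
 * own probe looped back; everything else counts as a real duplicate. */
enum dad_verdict dad_classify(const struct tentative_addr *a, int enhanced_dad,
                              const uint8_t *opt, size_t len)
{
    if (enhanced_dad && a->nonce_sent && opt != NULL &&
        len == NONCE_OPT_LEN && opt[0] == ND_OPT_NONCE && opt[1] == 1 &&
        memcmp(opt + 2, a->nonce, NONCE_LEN) == 0)
        return DAD_LOOPED_BACK;
    return DAD_DUPLICATE;
}
```

Because the sent/not-sent state lives in its own flag, no loop is needed to reject a zero nonce, and turning the setting off takes effect at the next attempt or the next received solicitation.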