Given that this issue is public in the freedesktop gitlab instance, I'm making this issue public here as well.
** Information type changed from Private Security to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1967626 Title: 22.04 beta Network Manager still sets wrong IPv6 routing Status in network-manager package in Ubuntu: New Bug description: Hi, that's a bug I've already reported earlier both to ubuntu and network- manager upstream, and nobody seems to care about. I'm using an AVM FritzBox, a router family very common in Germany and Europe for DSL and DOCSIS, but saw reports of people confirming the problem with other routers. The router sends ICMPv6 router advertisements, which contain for both the configured site-local address and the provider-assigned world- routable address range both a * prefix information * router advertisement on itself All other OS and machines I have, including * Debian * Ubuntu Server * Ubuntu Core * Raspberry Pi OS * Other Linuxes * MacOS *... correctly set a link route on the network device for both the official and the site local address. Only Ubuntu Desktop machines with that damned Network Manager set a route to the router instead of a link route. The consequence is, that IPv6 still works, but significantly to slow, since packages are not switched on the network switch, but routed on the router, which dramatically decreases speed. I've reported this upstream to Network Manager, see the discussion on https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/840 but they do not even seem to understand the issue (Network Manager written by people not really understanding routing...) Their point of view is that the router will fix things by sending redirects. However, ICMPv6 redirects are considered a security problem and usually recommended to be turned off. The answer from NetworkManager developers is to fix the router, not the Network Manager to stop sending router advertisings, but can't explain why all other OS and other Linux distributions, including Ubuntu server and Ubuntu core do it correctly, and just NM doing it wrong. So Ubuntu/NetworkManagers unability to fix or even notice this essential problem forces people to either accept terribly slow IPv6 traffic in local networks, or to leave the machine open for ICMPv6 redirects, which, in general, is a security flaw and vulnerable. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1967626/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
