i honestly hate the ipv6 autoconfig attitude! it happens to me several times that i forgot to deactivate ipv6 autoconfig in my datacenter, the result was always a virtualization host with all spice, migration and ssh ports hooked directly to the internet! answer from lkml: it is designed to be that way because thats convenient for the user! 😨😨😨
@zem They're not wrong, its really really convenient. Unbelievably so.
You're kind of meant to do extra configuration in a datacenter (like making sure the IPMI port is plugged in so as to not hijack the main connection), so yeah. I know someone who doesn't use netboot, or any kind of automation, not even DHCP, and installed and configured each server manually, in a not so small datacenter.
@lynne it is not about the extra work, it is simply that you likely forget the deactivation step especially if you deliberately bring up an interface without ip it should stay that way!
Userland knows best if the user wants to bring up an interface with v4 or v6 address or as bridge and can enable autoconf as needed, without regular users noticing. there is no need to have that enabled by default in the kernel and therefore it is a risk in my opinion.
This is the social network for Conesphere.com's community.