Groups | Search | Server Info | Login | Register
Groups > linux.debian.maint.ipv6 > #139
| From | Bjørn Mork <bjorn@mork.no> |
|---|---|
| Newsgroups | linux.debian.maint.ipv6 |
| Subject | Re: Disabling IPv6 by default when creating a new namespace in Linux |
| Date | 2022-06-09 09:10 +0200 |
| Message-ID | <EwksN-3BYj-11@gated-at.bofh.it> (permalink) |
| References | (7 earlier) <EvMAN-3g36-3@gated-at.bofh.it> <EvN3P-3gt7-5@gated-at.bofh.it> <EvNZT-3h2x-1@gated-at.bofh.it> <EvNZU-3h2x-3@gated-at.bofh.it> <Ew5Dr-3sM6-5@gated-at.bofh.it> |
| Organization | m |
Dheeraj Kandula <dkandula@gmail.com> writes:
> I looked into the code to figure out where the IPv6 configuration is copied from for a new namespace.
>
> I came across this function addrconf_init_net. I assume this is the function that is invoked when a new namespace is created.
>
> Inside this function, I came across this code,
>
> if (IS_ENABLED(CONFIG_SYSCTL) &&
> !net_eq(net, &init_net)) {
> switch (sysctl_devconf_inherit_init_net) {
> case 1: /* copy from init_net */
> memcpy(all, init_net.ipv6.devconf_all,
> sizeof(ipv6_devconf));
> memcpy(dflt, init_net.ipv6.devconf_dflt,
> sizeof(ipv6_devconf_dflt));
> break;
> case 3: /* copy from the current netns */
> memcpy(all, current->nsproxy->net_ns->ipv6.devconf_all,
> sizeof(ipv6_devconf));
> memcpy(dflt,
> current->nsproxy->net_ns->ipv6.devconf_dflt,
> sizeof(ipv6_devconf_dflt));
> break;
> case 0:
> case 2:
> /* use compiled values */
> break;
> }
> }
>
> If I set the value of net.core.devconf_inherit_init_net to 1, when a new namespace is created the values in init_net(which again I assume is init process' namespace value - global/default namespace)
>
> will be copied into the new namespace. A few lines later, the following code is present.
>
> dflt->disable_ipv6 = ipv6_defaults.disable_ipv6; <<<<< This ipv6_defaults.disable_ipv6 comes from the GRUB command line value of disable_ipv6.
>
> Hence if I enable IPv6 before creating a new namespace, the new namespace still will have IPv6 disabled, because of the above single line of code. Is this correct?
>
> net.ipv6.conf.all.disable_ipv6 is used to change the IPv6 state for all the currently available interfaces.
>
> net.ipv6.conf.default.disable_ipv6 has the default value from ipv6_defaults.disable_ipv6 i.e. the grub one. If I change this sysctl, what impact does it have?
Yes, this looks inconsistent.
It might have been intentional to avoid breaking existing behaviour,
since the inherit_init_net knob was added long after the default
disable_ipv6 stuff. But there doesn't seem to have been any discussion
around this when that knob was first introduced:
https://lore.kernel.org/all/20190122.110739.525639247784135260.davem@davemloft.net/T/
This is unsuspected if it was intentional. I would have expected at
least a comment in the commit message.
I suggest you ask about this on the netdev@vger.kernel.org list. They
are the experts. Don't know how easy it is attracting attention to such
a question though... One trick might be to send a patch fixing the
problem. That should at least provoke a discussion. Or simply be
applied if everyone agrees that it's correct ;-)
Bjørn
Back to linux.debian.maint.ipv6 | Previous | Next — Previous in thread | Next in thread | Find similar
Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 18:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 19:10 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 19:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux marcoshalano@gmail.com - 2022-06-07 20:40 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 21:40 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 21:50 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 20:40 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 21:00 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 21:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 22:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-08 17:20 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-09 09:10 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 22:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 20:40 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 19:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Marc Haber <mh+debian-ipv6@zugschlus.de> - 2022-06-07 19:20 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Dheeraj Kandula <dkandula@gmail.com> - 2022-06-07 19:30 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 19:40 +0200
Re: Disabling IPv6 by default when creating a new namespace in Linux Bjørn Mork <bjorn@mork.no> - 2022-06-07 19:30 +0200
csiph-web