Should I be using ipv6_activate_all_interfaces or ip6addrctl_policy="ipv6_prefer"

Bjoern A. Zeeb bzeeb-lists at lists.zabbadoz.net
Wed Aug 27 11:59:39 UTC 2014 

On 27 Aug 2014, at 06:31 , Jonathan Price <freebsd at jonathanprice.org> wrote:

> On 2014-08-27 01:40, Peter Wemm wrote:
>> On Tuesday 26 August 2014 10:40:27 freebsd at jonathanprice.org wrote:
>>> Hello,
>>> 
>>> I am configuring a server with IPv4 and IPv6 addresses and have noticed that
>>> FreeBSD seems to be preferring IPv4, such as when establishing SSH
>>> connections.
>>> 
>>> After reading through /etc/defaults/rc.conf, and later /etc/rc.d/ip6addrctl
>>> I have come to the conclusion that I have two ways to tell FreeBSD to
>>> prefer IPv6:
>>> 
>>> 1) Add ipv6_activate_all_interfaces to /etc/rc.conf
>>> 2) Add ip6addrctl_policy="ipv6_prefer" to /etc/rc.conf
>>> 
>>> Could anybody with a little more knowledge on the matter explain to me which
>>> of the two options is more preferential?
>> 
>> They both do different things.
>> 
>> The activate knob is to enable ipv6 on an interface.  To oversimplify it, if
>> you configure an address on an interface, it is "enabled".  However, this
>> switch enables this on all the rest of the interfaces, even the ones you
>> didn't configure.
>> 
>> ip6addrctl* affects things like hostname lookups to sort the addresses returned
>> to the caller.
>> 
>> They are different things entirely.  I think you are expecting the behavior
>> that ip6_prefer policy gives you.  That's what we use in the freebsd.org
>> cluster to have it use ipv6 where possible.
>> 
> 
> Hi, and thanks for the response.
> 
> Would it be possible to go into a little detail as to what ipv6_activate_all_interfaces="YES" does to interfaces which don't explicitly have an address configured? I can’t appear to find much information on this option.

man rc.conf

has a description (which I should probably read myself;-) in case that gets you a bit further.   I think it’s a “backward compat helper” to the old ipv6_enable=“YES” switch which existed before we could enable IPv6 on a per-interface base.


> However, it does sound like for my purposes it would make more sense to use ip6addrctl_policy=“ipv6_prefer" as that is more explicitly the feature I want, rather than getting it inadvertently through the other knob.

Yes. Definitively.  I am not sure if it has happened but if IPv6 config is configured through rc.conf that setting should be(come) default.


Bjoern

— 
Bjoern A. Zeeb             "Come on. Learn, goddamn it.", WarGames, 1983

More information about the freebsd-net mailing list