tech-net archive


Re: PATCH to mark IPv6 addresses DETACHED when down or link down



On Mon, 22 Aug 2016 15:35:04 +0100
Roy Marples <roy%marples.name@localhost> wrote:

> We don't allow binding to duplicated addresses for very good reasons.
> We currently don't allow you to bind to detached or tentative
> addresses because, just like the duplicate address, it cannot be
> currently used.

This was out of the scope of my situation, but this also means that
because another system pretends to have an identical address on the
network, this could result in an effective DoS preventing a legitimate
daemon to bind(2) at startup?

> 2) Keep the current contract where a successful bind call guarantees
> the address is currently usable. This means implementing one of the
> above flags and patching daemons - something which is happening
> outside of NetBSD anyway.

Wouldn't it be a special OS-specific sockoption?  Meaning that most
daemons would simply expect standard behaviour and remain unpatched
unless we fixed them ourselves? (and as a result, fail to bind at
startup on disconnected devices).

Thanks,
-- 
Matt
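
The sketch below is an added example, not part of the original message and not the flag or socket option discussed in the thread: a daemon-side workaround that retries bind(2) a bounded number of times when the address is not yet usable. It assumes the kernel reports such an address as EADDRNOTAVAIL; all function and struct names, the port, and the 2001:db8::1 documentation address are hypothetical or constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* One bind attempt: returns 0 or an errno value. Pluggable so the retry
 * policy can be exercised without a real interface. Names are hypothetical. */
typedef int (*attempt_fn)(void *ctx);
struct bind_target { int fd; struct sockaddr_in6 sa; };
struct scripted { const int *results; int n, calls; };  /* constructed stand-in */

int try_bind6(void *ctx) {
    struct bind_target *t = ctx;
    return bind(t->fd, (struct sockaddr *)&t->sa, sizeof t->sa) == 0 ? 0 : errno;
}
/* Replays a fixed list of results, repeating the last one. */
int scripted_attempt(void *ctx) {
    struct scripted *s = ctx;
    int i = s->calls++;
    return s->results[i < s->n ? i : s->n - 1];
}

/* Retry only EADDRNOTAVAIL (assumed errno for an unusable address); bounded,
 * since a duplicated address never recovers. Returns 0 or the last errno. */
int bind_with_retry(attempt_fn attempt, void *ctx, int max_tries, unsigned delay_sec) {
    int err = EINVAL;                       /* returned if max_tries <= 0 */
    for (int i = 0; i < max_tries; i++) {
        err = attempt(ctx);
        if (err != EADDRNOTAVAIL)
            return err;                     /* success, or a hard error */
        if (delay_sec && i + 1 < max_tries)
            sleep(delay_sec);
    }
    return err;
}

int main(void) {
    struct bind_target t = { .fd = socket(AF_INET6, SOCK_STREAM, 0) };
    if (t.fd < 0) { perror("socket"); return 1; }
    t.sa.sin6_family = AF_INET6;
    t.sa.sin6_port = htons(8080);                         /* constructed port */
    inet_pton(AF_INET6, "2001:db8::1", &t.sa.sin6_addr);  /* documentation address */
    int err = bind_with_retry(try_bind6, &t, 5, 1);
    if (err) { errno = err; perror("bind"); }
    close(t.fd);
    return err != 0;
}
```

A daemon that exhausts its attempts should log the failure and exit or fall back rather than loop forever, since the retry cannot distinguish a transient state from a permanently duplicated address.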

