Re: How do I keep an inet6 address from being added to an interface?

[Steven Bellovin <smb%cs.columbia.edu@localhost>]

On May 5, 2010, at 11:59 07PM, Arnaud Lacombe wrote:

> Hi,
> 
> On Wed, May 5, 2010 at 4:14 PM, Matthew Mondor 
> <mm_lists%pulsar-zone.net@localhost> wrote:
>> On Wed, 5 May 2010 10:10:43 -0700
>> Dennis Ferguson <dennis.c.ferguson%gmail.com@localhost> wrote:
>> 
>>> Hello,
>>> 
>>> I want to configure an interface up without any protocol addresses
>>> being added to (or protocols enabled on) the interface.  I see,
>>> however, that the act of typing `ifconfig rtk0 up' results in
>>> an ipv6 address being added to the interface, which I assume
>>> also enables ipv6 protocol processing.  How do I make it stop
>>> doing that?
>> 
>> Hmm after looking at sysctl(8) net.inet6 stubs and in6_ifattach.c there
>> seems to be no option that I see for that in netbsd-5.  It's part of
>> the ipv6 standard that interfaces have an automatic link-local address,
>> and that address can only be used on the local network, but I guess
>> that it could be legitimate for some administrator to not want a
>> link-local address configured.
>> 
> actually, there is a way, `ip6_auto_linklocal', but it is not made
> public. Maybe could we expose it in the sysctl tree ?

Does that work on per-interface?

I've often wanted such a feature: a way to ensure that NetBSD's kernel neither 
sends or acts on *any* packet received on certain interfaces.

                --Steve Bellovin, http://www.cs.columbia.edu/~smb