OS-4667: Allow sending from IPv6 SLAAC addresses within a zone using IP spoofing protection

Details

Issue Type:New Feature
Priority:4 - Normal
Status:Resolved
Created at:2015-08-23T06:00:39.000Z
Updated at:2015-12-18T18:55:45.000Z

People

Created by:Former user
Reported by:Former user
Assigned to:Former user

Resolution

Fixed: A fix for this issue is checked into the tree and tested.
(Resolution Date: 2015-12-18T18:55:45.000Z)

Fix Versions

2015-12-24 Ellis (Release Date: 2016-12-12)

Description

Upon receiving a Router Advertisement that indicates that the client should use SLAAC, the address that would be used by the client should be added to the allowed IPs list, determined from the prefix in the Router Advertisement and the modified EUI-64 method for converting 48-bit MAC addresses into the 64-bit host identifier.

It probably doesn't make sense to worry about privacy extensions too much, since they don't apply as much to people using zones. (Privacy extensions tend to be for people who are concerned about migrating between prefixes and being tracked across them.)

Comments

Comment by Former user
Created at 2015-12-18T18:55:16.000Z

illumos-joyent commit 380cf67 (branch master, by Cody Peter Mello)

OS-4667 Allow sending from IPv6 SLAAC addresses within a zone using IP spoofing protection
Reviewed by: Robert Mustacchi <rm@joyent.com>