Bug 988023

Summary: IPv6 Privacy Extensions should be off by default
Product: [openSUSE] openSUSE Tumbleweed
Reporter: Jiri Bohac <jbohac>
Component: Basesystem
Assignee: Ludwig Nussel <lnussel>
Status: RESOLVED FIXED
QA Contact: E-mail List <qa-bugs>
Severity: Normal
Priority: P5 - None
CC: ke
Version: Current
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Bug Depends on:
Bug Blocks: 678066, 752842

Description Jiri Bohac 2016-07-07 10:28:17 UTC
IPv6 Privacy Extensions generate random temporary IPv6 addresses for outgoing connections to enhance the user's privacy. The mechanism is defined in RFC 4941.

Like all IPv6 addresses, the temporary addresses have a "preferred lifetime" and a "valid lifetime".

Applications that open persistent or long-lasting connections lasting longer than the "valid lifetime" of the temporary address are broken by this.
This has been reported on NFS (see bsc#986395); the same problem exists e.g. for instant messaging clients.

Because of this, the RFC recommends that Privacy Extensions be turned OFF by default:

RFC 4941 3.6.  Deployment Considerations:

   The use of temporary addresses may cause unexpected difficulties with
   some applications.  As described below, some servers refuse to accept
   communications from clients for which they cannot map the IP address
   into a DNS name.  In addition, some applications may not behave
   robustly if temporary addresses are used and an address expires
   before the application has terminated, or if it opens multiple
   sessions, but expects them to all use the same addresses.
   Consequently, the use of temporary addresses SHOULD be disabled by
   default in order to minimize potential disruptions.  Individual
   applications, which have specific knowledge about the normal duration
   of connections, MAY override this as appropriate.

OpenSUSE has this turned on by default in this file:
/usr/lib/sysctl.d/50-default.conf
owned by the aaa_base package.

The wrong default was introduced in bsc#678066 without proper discussion.
Comment 1 Jiri Bohac 2016-07-13 13:17:53 UTC
One possibility:

Instead of completely disabling Privacy Extensions with use_tempaddr=0, we might want to set use_tempaddr=1.

This way, the temporary addresses would be generated, but they would not be used by default. Applications wanting to use them would need to explicitly request that using the Source Address Selection API defined in RFC 5014 (using the IPV6_PREFER_SRC_TMP flag).

Although I doubt any application is doing that at the moment, it would be nice to give applications this opportunity.
Comment 3 Ludwig Nussel 2016-08-08 15:59:06 UTC
use_tempaddr=1 is the default in SLE now, which Leap will inherit. TW will also get this default.
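An added example, not part of the bug report or of aaa_base: it resolves which use_tempaddr value actually takes effect when the vendor drop-in in /usr/lib/sysctl.d (the file named in the description) conflicts with an administrator's drop-in in /etc/sysctl.d, following the masking and ordering rules of `sysctl --system`/systemd-sysctl, and labels the value with the meanings discussed in Comments 1 and 3. The directory tree and file contents are constructed in a temporary directory; the kernel default of 0 is assumed when no file sets the key.

```python
import tempfile
from pathlib import Path

# Directory order used by `sysctl --system` and systemd-sysctl: a file in an
# earlier directory masks a same-named file in a later one; the surviving
# files are applied in lexicographic filename order, so a later name wins.
SYSCTL_DIRS = ("etc/sysctl.d", "run/sysctl.d",
               "usr/local/lib/sysctl.d", "usr/lib/sysctl.d")

USE_TEMPADDR = {
    "0": "disabled: no temporary addresses",
    "1": "generated, not preferred (apps opt in with IPV6_PREFER_SRC_TMP)",
    "2": "generated and preferred for outgoing connections",
}

def parse_sysctl_conf(text):
    """Parse 'key = value' lines; '#'/';' comments and blank lines are skipped."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        # A leading '-' tells sysctl to ignore errors; '/' is an alias for '.'.
        settings[key.strip().lstrip("-").replace("/", ".")] = value.strip()
    return settings

def effective_settings(root):
    """Merge all drop-ins below root the way sysctl --system would."""
    chosen = {}
    for d in SYSCTL_DIRS:
        for path in (Path(root) / d).glob("*.conf"):
            chosen.setdefault(path.name, path)  # first directory masks later ones
    merged = {}
    for name in sorted(chosen):                 # later filename wins per key
        merged.update(parse_sysctl_conf(chosen[name].read_text()))
    return merged

def use_tempaddr_status(root, iface="all"):
    """Return (value, meaning); '0' is the kernel default when nothing sets it."""
    value = effective_settings(root).get(f"net.ipv6.conf.{iface}.use_tempaddr", "0")
    return value, USE_TEMPADDR.get(value, "unknown value")

def demo():
    """Constructed tree: vendor default 2 in /usr/lib, admin override 1 in /etc."""
    root = Path(tempfile.mkdtemp())
    vendor = root / "usr/lib/sysctl.d"; vendor.mkdir(parents=True)
    admin = root / "etc/sysctl.d"; admin.mkdir(parents=True)
    (vendor / "50-default.conf").write_text(   # stand-in for aaa_base's file
        "net.ipv6.conf.all.use_tempaddr = 2\nnet.ipv6.conf.default.use_tempaddr = 2\n")
    before = use_tempaddr_status(root)[0]
    (admin / "50-default.conf").write_text(    # same name: masks the vendor file
        "net.ipv6.conf.all.use_tempaddr = 1\nnet.ipv6.conf.default.use_tempaddr = 1\n")
    return before, use_tempaddr_status(root)[0]
```

Because the /etc copy masks the whole vendor file rather than single keys, an override must repeat every key it wants to keep (here both the `all` and `default` entries).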