diff options
author | Hannes Frederic Sowa <hannes@stressinduktion.org> | 2015-03-24 01:36:06 +0300 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2015-03-24 05:12:09 +0300 |
commit | 9f0761c154eaf2bf796f7e0e3431631de8d362ae (patch) | |
tree | 8bba1bae6c6c9edf8c630dd317c748a7bfc80c69 | |
parent | 1855b7c3e8537c2a4f5a53c797624713bb3becb4 (diff) | |
download | linux-9f0761c154eaf2bf796f7e0e3431631de8d362ae.tar.xz |
ipv6: add documentation for stable_secret, idgen_delay and idgen_retries knobs
Cc: Erik Kline <ek@google.com>
Cc: Fernando Gont <fgont@si6networks.com>
Cc: Lorenzo Colitti <lorenzo@google.com>
Cc: YOSHIFUJI Hideaki/吉藤英明 <hideaki.yoshifuji@miraclelinux.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | Documentation/networking/ip-sysctl.txt | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt index 6c07c2b36909..071fb18dc57c 100644 --- a/Documentation/networking/ip-sysctl.txt +++ b/Documentation/networking/ip-sysctl.txt @@ -1220,6 +1220,17 @@ anycast_src_echo_reply - BOOLEAN FALSE: disabled Default: FALSE +idgen_delay - INTEGER + Controls the delay in seconds after which time to retry + privacy stable address generation if a DAD conflict is + detected. + Default: 1 (as specified in RFC7217) + +idgen_retries - INTEGER + Controls the number of retries to generate a stable privacy + address if a DAD conflict is detected. + Default: 3 (as specified in RFC7217) + mld_qrv - INTEGER Controls the MLD query robustness variable (see RFC3810 9.1). Default: 2 (as specified by RFC3810 9.1) @@ -1540,6 +1551,20 @@ use_optimistic - BOOLEAN 0: disabled (default) 1: enabled +stable_secret - IPv6 address + This IPv6 address will be used as a secret to generate IPv6 + addresses for link-local addresses and autoconfigured + ones. All addresses generated after setting this secret will + be stable privacy ones by default. This can be changed via the + addrgenmode ip-link. conf/default/stable_secret is used as the + secret for the namespace, the interface specific ones can + overwrite that. Writes to conf/all/stable_secret are refused. + + It is recommended to generate this secret during installation + of a system and keep it stable after that. + + By default the stable secret is unset. + icmp/*: ratelimit - INTEGER Limit the maximal rates for sending ICMPv6 packets. |