Implementation of RFC7217 (stable privacy addresses) in Ubuntu 16.10


8

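I am the author of IETF RFC7217, and I'm trying to figure out whether Ubuntu 16.10 implements support for RFC7217.

It seems that there is no such support in the version of NetworkManager that Ubuntu uses, or that the support has been disabled.

Can you confirm?

Also, are there plans to change the default IPv6 address generation algorithm from the "modified EUI-64" format (which embeds the MAC address) to the privacy-enhancing RFC7217 scheme?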


Answers:


2

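I may be missing something, but I see nothing in the changelog that indicates to me that the RFC7217 support integrated into network manager in Xenial has been removed in Yakkety.

On 16.04, I get: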

sudo sysctl -a | grep stable_secret
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"

On 16.10, I get:

sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.enp0s3.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"

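Since the only difference I see here is that the naming of the NIC has changed, and there doesn't appear to be any change to /proc/sys/net/ipv6/conf/all/stable_secret, I think it is logical to say that Ubuntu 16.10 still implements support for RFC7217, although according to the kernel documentation it is not set by default: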

stable_secret - IPv6 address
    This IPv6 address will be used as a secret to generate IPv6
    addresses for link-local addresses and autoconfigured
    ones. All addresses generated after setting this secret will
    be stable privacy ones by default. This can be changed via the
    addrgenmode ip-link. conf/default/stable_secret is used as the
    secret for the namespace, the interface specific ones can
    overwrite that. Writes to conf/all/stable_secret are refused.

    It is recommended to generate this secret during installation
    of a system and keep it stable after that.

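Further research indicates that since the release of NetworkManager 1.0.4, privacy extensions are turned on by default, and you can control them with the ipv6.ip6-privacy property.

You can confirm that the installed version of network manager meets or exceeds that version with the following command: dpkg -l network-manager

If anyone finds information to the contrary, please drop me a comment, as I'd love to see it!

Sources: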

/unix/251401/cannot-read-key-net-ipv6-conf-all-stable-secret-in-sysctl/255955#255955

https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt

https://blogs.gnome.org/lkundrak/2015/12/03/networkmanager-and-privacy-in-the-ipv6-internet/

http://changelogs.ubuntu.com/changelogs/pool/main/n/network-manager/network-manager_1.2.6-0ubuntu1/changelog
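
The following is an added example, not part of the original post or of any project's code. It contrasts the modified EUI-64 identifier mentioned in the question with an RFC 7217 style identifier, RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key). Assumptions: SHA-256 stands in for F with a length-prefixed field encoding (this is not the Linux kernel's construction), and the MAC, secret and prefixes are constructed sample values.

```python
import hashlib
import ipaddress

def eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 IID: MAC with ff:fe inserted and the U/L bit flipped."""
    b = bytes.fromhex(mac.replace(":", ""))
    return bytes([b[0] ^ 0x02]) + b[1:3] + b"\xff\xfe" + b[3:6]

def is_reserved(iid: bytes) -> bool:
    """Reserved IIDs (RFC 5453): subnet-router anycast and the anycast range."""
    v = int.from_bytes(iid, "big")
    return v == 0 or 0xFDFFFFFFFFFFFF80 <= v <= 0xFDFFFFFFFFFFFFFF

def rfc7217_iid(prefix: str, iface: str, secret: bytes,
                network_id: bytes = b"", dad_counter: int = 0) -> bytes:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key).
    F is SHA-256 here: an assumption, not the Linux kernel's construction."""
    net_prefix = ipaddress.IPv6Network(prefix).network_address.packed[:8]
    while True:
        h = hashlib.sha256()
        for field in (net_prefix, iface.encode(), network_id,
                      dad_counter.to_bytes(4, "big"), secret):
            # Length-prefix each field so concatenation is unambiguous.
            h.update(len(field).to_bytes(2, "big") + field)
        iid = h.digest()[-8:]  # least significant 64 bits of the RID
        if not is_reserved(iid):
            return iid
        dad_counter += 1  # RFC 7217: bump the counter and recompute

def address(prefix: str, iid: bytes) -> ipaddress.IPv6Address:
    """Join a /64 prefix and a 64-bit IID into a full address."""
    net_prefix = ipaddress.IPv6Network(prefix).network_address.packed[:8]
    return ipaddress.IPv6Address(net_prefix + iid)

# Constructed sample values (documentation prefixes, made-up MAC and secret).
MAC = "00:16:3e:12:34:56"
SECRET = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
PREFIXES = ["2001:db8:1::/64", "2001:db8:2::/64"]

if __name__ == "__main__":
    for p in PREFIXES:
        print(p, "EUI-64 :", address(p, eui64_iid(MAC)))
        print(p, "RFC7217:", address(p, rfc7217_iid(p, "enp0s3", SECRET)))
```

The EUI-64 identifier is identical under both prefixes, so the host can be correlated across networks, while the RFC 7217 identifier is stable within a prefix but changes from one prefix to the next.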

Licensed under cc by-sa 3.0 with attribution required.