diff options
author | Christian Poessinger <christian@poessinger.com> | 2020-09-13 00:15:29 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2020-09-13 00:21:32 +0200 |
commit | d49845421dbd8d0f470b7122022543eb45d10b7a (patch) | |
tree | b3cb47c4faf244fb7d6ea5d2599f3263a19d6814 /data/templates/macsec/wpa_supplicant.conf.tmpl | |
parent | 3077158391ceee4ce04c27dec33f629529727c36 (diff) | |
download | vyos-1x-d49845421dbd8d0f470b7122022543eb45d10b7a.tar.gz vyos-1x-d49845421dbd8d0f470b7122022543eb45d10b7a.zip |
ifconfig: T2863: only use IPv6 link-local address if interface has MAC address
With VyOS 1.2 the default WireGuard behavior is used. This means that when a
WireGuard interface is added to the system, there is no "MAC" address - also
there is no IPv6 link-local address assigned by the Kernel to this particular
interface.
With implementation of T2653 all interfaces now receive an IPv6 address - which
is also valid for WireGuard interfaces - unfortunately this logic relies on the
interface MAC address - and as there is none, the link-local address will be
always the same. The logic behind is coded here [1].
We generate an IPv6 link-local address even when there is no "MAC" address. The
behavior/functionality (as with VyOS 1.2) must be restored to not have a
link-local IPv6 address at all. Any user can add any IPv6 link-local address
manually by issuing: set interfaces wireguard wg01 address fe80::ff:1/64.
Change vyos.ifconfig.add_ipv6_eui64_address to only add the EUI64-based
link-local address if a MAC address is available.
[1] https://github.com/vyos/vyos-1x/blob/3077158391ceee4ce04c27dec33f629529727c36/python/vyos/ifconfig/interface.py#L468
Diffstat (limited to 'data/templates/macsec/wpa_supplicant.conf.tmpl')
0 files changed, 0 insertions, 0 deletions