[PATCH] base-files: Don't enable ULA IPv6 addresses by default in new config

Baptiste Jonglez baptiste at bitsofnetworks.org
Fri Sep 9 00:38:27 PDT 2022

On 08-09-22, Michael Richardson wrote:
> >>>>> Baptiste Jonglez <git at bitsofnetworks.org> writes:
>     > - there have been various bug reports [1, 2, 3] in 19.07 and 21.02
>     > where ULA addresses basically break global IPv6 connectivity.  These
>     > bugs have not been solved in several years, indicating a probable lack
>     > of interest for ULA from the OpenWrt developer community.
> Seems to be
> a) a bug in MacOS.

That's debatable, Linux should probably always use a link-local address as
source address for NDP (but I haven't checked whether it's legal or not to
use ULA here).

> b) a bug reported in french, where my reading is that an he.net tunnel is
>    involved.  I don't see anything about ULAs here.
> c) a bug where a client didn't get a GUA, and not surprisingly, couldn't
>    ping the internet.
>    "so I suppose IP assignment is fine."
>    But they weren't because the router didn't assign a v6 prefix to the LAN.

Both are actually the same issue.  I spent some time with Thibault
troubleshooting this issue on his setup, and it does look like a real bug
when using both ULAs and global addresses.  But since I don't have any use
for ULAs, I cannot dedicate time to debug it further and try to fix it.
Same for Thibault, he didn't actually have any use for ULA so he ended up
disabling them.  I suspect this is a rather common way of sidestepping the

> Having ULAs available is critical to efforts to do HTTPS to the router.
> Please do not change this default.  

How do ULAs relate to HTTPS?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.openwrt.org/pipermail/openwrt-devel/attachments/20220909/810e69a5/attachment.sig>

More information about the openwrt-devel mailing list