From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id B68B31FF13A for ; Wed, 10 Jun 2026 16:47:34 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 37ACE123CE; Wed, 10 Jun 2026 16:47:33 +0200 (CEST) Date: Wed, 10 Jun 2026 16:46:57 +0200 From: Gabriel Goller To: Christoph Heiss Subject: Re: [PATCH installer 2/2] install: do not force gateway to IPv6 RA-received on non-bridged setups Message-ID: Mail-Followup-To: Christoph Heiss , pve-devel@lists.proxmox.com References: <20260610132710.199825-1-c.heiss@proxmox.com> <20260610132710.199825-2-c.heiss@proxmox.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20260610132710.199825-2-c.heiss@proxmox.com> User-Agent: NeoMutt/20241002-35-39f9a6 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1781102771213 X-SPAM-LEVEL: Spam detection results: 0 AWL 0.028 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Message-ID-Hash: CSQGYXTYS2CDWU6UPHNOX2MFMOA2K7ED X-Message-ID-Hash: CSQGYXTYS2CDWU6UPHNOX2MFMOA2K7ED X-MailFrom: g.goller@proxmox.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop; banned-address; emergency; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header CC: pve-devel@lists.proxmox.com X-Mailman-Version: 3.3.10 Precedence: list List-Id: Proxmox VE development discussion List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: On 10.06.2026 15:27, Christoph Heiss wrote: > Skip writing the default gateway for the management interface to > /etc/network/interfaces if it was originally received through an IPv6 > RA. > > Otherwise, fresh, non-bridged (aka. anything other than PVE) > installations will repeatedly, i.e. on every received RA advertising a > different SLAAC-capable prefix, report an error in the journal that a > default gateway already exists. > > The Rust struct definitions are not touched, as the information is not > needed there (yet). > > Suggested-by: Gabriel Goller > Signed-off-by: Christoph Heiss Also for the record, because we talked about it: This only affects pmg, pbs and pdm, because there we set the ip address directly on the physical interface. In pve the physical interface is enslaved on the default vmbr0 bridge and the bridge has an ip address. When ifupdown2 creates a bridge with an ip address, then automatically adds net.ipv6.conf.vmbr0.forwarding=1 (the bridge also has the default net.ipv6.conf.vmbr0.accept_ra=1), which means it will drop every RA. So maybe we should set accept_ra=2 so that the bridge can accept RAs? Anyway, we can defer the pve problem for later -- pbs,pmg,pdm are more important because there we get a kernel error every few seconds. We also thought more generally about if we should disable RAs on the physical (or management) nics, because we always want to have a static address on our installations and dhcp/slaac are actually just "autofills" in the installer? Note: Search "accept_ra" on https://docs.kernel.org/networking/ip-sysctl.html.