From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id DC96D158083 for ; Wed, 25 Sep 2024 11:54:05 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5BBEFE2BB3; Wed, 25 Sep 2024 11:53:59 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 0179BE2BAD for ; Wed, 25 Sep 2024 11:53:58 +0000 (UTC) From: =?utf-8?Q?Arsen_Arsenovi=C4=87?= To: Walter Dnes Cc: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Wayland! Beware of! In-Reply-To: (Walter Dnes's message of "Wed, 25 Sep 2024 06:00:36 -0400") Organization: Gentoo References: <65e5de50-e053-46ff-be61-52f472d95025@gentoo.org> <6af6d0dd-f081-4345-b574-ea6d6c9358bb@gentoo.org> Date: Wed, 25 Sep 2024 13:53:49 +0200 Message-ID: <86a5fw7xv6.fsf@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Archives-Salt: 51965bcc-2c33-443a-a42d-a2308099c955 X-Archives-Hash: 1a0db5f761a95a07a7e0af35505d425a --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Walter Dnes writes: > On Tue, Sep 24, 2024 at 09:42:23PM -0400, Eli Schwartz wrote > >> If you actually want to disable ipv6, instead of insanely rebuilding >> binaries to use untested broken segfaulting code, use the sysctl >> knob to tell the kernel "when asked to give some application a bit >> of internet traffic, don't use ipv6". >>=20 >> net.ipv6.conf.all.disable_ipv6 > > My system is actually very stable. In the shitstorm that erupted on > this list at "ipv6" enabling I did not see any mention of sysctl. In my > /etc/default/grub file I have... > > GRUB_CMDLINE_LINUX_DEFAULT=3D"noexec=3Don net.ifnames=3D0 ipv6.disable=3D= 1" > > With this setting is it guaranteed that a program compiled with "ipv6" > flag will not try IPV6 first and timeout before dropping down to IPV4? That's not how IPv6 is supported. Dual-stack support relies on 'happy eyeballs', an algorithm by which both IPv4 and v6 are tried optimistically, and the first one to succeed is accepted. This adds no latency. I suspect your Firefox anecdote happened due to misconfiguration (I think network.http.fast-fallback-to-IPv4 dictates the use of this algorithm in Firefox). As a point of reference, I do nothing to disable IPv6 support, and my ISP does not provide IPv6 support, yet I have no added latency due to IPv6 support being enabled. I just get the benefits of better LANs and internal networks. There is no reason to disable IPv6 support, as Eli said (especially if yo do not know _what_ you're trying to disable, and are just trying to blanket-disable a vague concept of IPv6). > How OS-specific is this? Not at all. > I "asked Mr. Google" and the NordVPN web page recommended for Redhat > based distros... > > net.ipv6.conf.all.disable_ipv6=3D1 > net.ipv6.conf.default.disable_ipv6=3D1 > net.ipv6.conf.tun0.disable_ipv6=3D1 > > For Debian-based distros... > > net.ipv6.conf.all.disable_ipv6 =3D 1 > net.ipv6.conf.default.disable_ipv6 =3D 1 > net.ipv6.conf.lo.disable_ipv6 =3D 1 > net.ipv6.conf.tun0.disable_ipv6 =3D 1 > > Other answers for disabling IPV6 include stuff like... > > net.ipv6.conf.all.disable_ipv6 =3D 1 > net.ipv6.conf.default.disable_ipv6 =3D 1 > net.ipv6.conf.lo.disable_ipv6 =3D 1 > net.ipv6.conf.eth0.disable_ipv6 =3D 1 Note that all of the above include interface names, this is why they differ, and just copy-pasting them blindly will not work. Note also that they're all identical, save for the interfaces mentioned. > BTW, I did *NOT* have IPV6 enabled when the USE flag changed... > > [x8940][root][~] grep IPV6 /usr/src/linux/.config=20 > # CONFIG_IPV6 is not set > > > >> That's quite the bloated collection of enabled USE flags you have >> there -- lots of stuff that are much more bloated than ipv6, in >> fact. :) > > Stuff that I don't use is left disabled. I occasionally look at my > package.use file. If a flag is enabled for multiple apps there, I run=20 > > USE=3D"flag" emerge -pv --changed-use --deep --pdate @world > > If there isn't much new stuff pulled in I'll... > > * enable the flag in make.conf > * delete the enabling entries in package.use > * disable, in package.use, the flag for new stuff that tha flag pulls in > > This minimizes the size of my package.use file. Note: this is optimal > for the collection of apps *THAT I USE*. YMMV. =2D-=20 Arsen Arsenovi=C4=87 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iOcEARYKAI8WIQT+4rPRE/wAoxYtYGFSwpQwHqLEkwUCZvP5zV8UgAAAAAAuAChp c3N1ZXItZnByQG5vdGF0aW9ucy5vcGVucGdwLmZpZnRoaG9yc2VtYW4ubmV0RkVF MkIzRDExM0ZDMDBBMzE2MkQ2MDYxNTJDMjk0MzAxRUEyQzQ5MxEcYXJzZW5AZ2Vu dG9vLm9yZwAKCRBSwpQwHqLEk/AMAP4tmfI+v+hJxdsagyfCLy2f1u/UWnD6EZ4c 63jdn+UMbQD/fKzHD4PjwuAxXf4SHuzMd3Z0GAEwSZ83p5kljilXCgw= =mXBA -----END PGP SIGNATURE----- --=-=-=--