diff --git a/libexec/rc/network.subr b/libexec/rc/network.subr index 1a83421b87b2..808e48532a13 100644 --- a/libexec/rc/network.subr +++ b/libexec/rc/network.subr @@ -134,8 +134,6 @@ ifconfig_up() if ! noafif $1 && afexists inet6; then if checkyesno ipv6_activate_all_interfaces; then _ipv6_opts="-ifdisabled" - elif [ "$1" != "lo0" ]; then - _ipv6_opts="ifdisabled" fi # backward compatibility: $ipv6_enable diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 1597a4cb6b93..8ff6d1aafc74 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -273,6 +273,10 @@ nd6_ifattach(struct ifnet *ifp) nd->flags = ND6_IFF_PERFORMNUD; + /* Set IPv6 disabled on all interfaces but loopback by default. */ + if ((ifp->if_flags & IFF_LOOPBACK) == 0) + nd->flags |= ND6_IFF_IFDISABLED; + /* A loopback interface always has ND6_IFF_AUTO_LINKLOCAL. * XXXHRS: Clear ND6_IFF_AUTO_LINKLOCAL on an IFT_BRIDGE interface by * default regardless of the V_ip6_auto_linklocal configuration to @@ -290,8 +294,11 @@ nd6_ifattach(struct ifnet *ifp) */ if (V_ip6_accept_rtadv && !(ifp->if_flags & IFF_LOOPBACK) && - (ifp->if_type != IFT_BRIDGE)) + (ifp->if_type != IFT_BRIDGE)) { nd->flags |= ND6_IFF_ACCEPT_RTADV; + /* If we globally accept rtadv, assume IPv6 on. */ + nd->flags &= ~ND6_IFF_IFDISABLED; + } if (V_ip6_no_radr && !(ifp->if_flags & IFF_LOOPBACK)) nd->flags |= ND6_IFF_NO_RADR;