On my routers, this is the first release I have not needed to run 3rd party software for core functionality.
dhcp6leased is now included to handle IPv6-PD, and if your ISP supports SLAAC, slaacd is included as well for your WAN interface. I still have my fingers crossed for DHCPv6 normal address delegation, but it's a great step!
For the sake of discussing it here: why would you need a SLAAC daemon?
Edit: My question wasn't so much why you'd want SLAAC as why you'd need a daemon for it. From https://www.openbsd.org/papers/florian_slaacd_bsdcan2018.pdf:
> Remove sending of router solicitations and processing of router advertisements from the kernel.
Oh, got it. That totally makes sense in an OpenBSD way.
At least for my ISP, SLAAC installs a default route and uses link-local addresses to route traffic (I actually didn't know this would work until I tried with OpenBSD 7.6). This allows the PD LAN subnet to be routed out to the internet.
YMMV!
edit: I may be slightly misunderstanding, and it might not be needed. Regardless, my router can now ping internet addresses while running slaacd.
It can be one.
Perhaps you don’t want it.
Never said otherwise. I wasn't aware of a need for such a thing before just now and wondered why that would be a nice thing to have.
I could go off and RTFM, but then we wouldn't get to talk about it.
SLAAC is basically an IPv6 alternative to how DHCP works. With IPv6, you can either use DHCPv6 (ISPs deliver Prefix Delegations and Normal Addresses this way) or SLAAC (How one typically gets an IPv6 address on a LAN or route from a Link-Local address on an ISP).
Hopefully that's clear as mud ;) I would encourage you to go check out IPv6 if that was the intent of your original question. It actually makes more sense after you dive in, and can be pretty neat.
ULAs (Unique Local Address) are one often-overlooked part of which I'm an advocate.
I just replied to myself with an edit to the higher level comment. Sure, I use IPv6 with SLAAC. I'd never needed a separate daemon to handle it, though. I hadn't imagined that OpenBSD would pull that out into its own program, but I'm not at all surprised now that I've heard about it.
ah - gotcha! Yep. OpenBSD is big on the least-privilege principle, Which IMO is why it's pulled out into a separate daemon that only has the permissions and visibility to do what it needs.
Yeah, that seems like a very OpenBSD thing to do, and I mean that positively. It just initially struck me, like, "yay, I no longer have to install a ping daemon!" "A what daemon?"
I should have included more text I guess. I was providing two answers to why it was one:
1. It can be one so it probably should be. 2. This lets you not run it.
I'm looking forward to blatting my test laptop and installing this on it tonight. I ran OpenBSD as my daily driver for a couple of months a few years back and loved it, but development needs required docker and such so had ended up using it less. Maybe it's time to revisit vmm again.
For a laptop, you should feel pretty comfortable running -current :)
It's actually very, very stable compared to how other OS's development usually goes.
That's true!
Dupe: https://news.ycombinator.com/item?id=41772158
EDIT: why the downvotes?
The official OpenBSD announcement is not the link from this thread.
It's from the original/dupe HN thread I linked too (2-days ago).
I suspect it might've been a couple of reasons:
1. I actually preferred this link that showed the highlights in a compact format.
2. There are some other HN user(s) who seem to be obsessed with posting [dupe] comments like their lives depended on it, and others may find it off putting. I know I do. Unless it's an exact dupe and very recent, for me it has "ha-ha, gotcha!" or Wikipedia deletionist vibes. For some reason, "See also:" doesn't bug me nearly so much. Maybe because that seems like a notice for the benefit of the reader, but "dupe" sounds to me like a callout to a moderator to hide the story.