core,libnm: change default value for ipv4.dad-timeout from 0 to 200ms (!1826) · Merge requests · NetworkManager / NetworkManager

Beniamino Galvani requested to merge bg/ipv4-dad-enable-by-default into main Jan 03, 2024

Summary

Enable IPv4 duplicate address detection by default.

Purpose

A duplicate address is a serious issue which leads to non-working setups or problems hard to debug. Enable IPv4 duplicate address detection (aka ACD, RFC 5227) by default to detect such problems.

While the RFC recommends a timeout of 9 seconds, a comment in n-acd sources says:

  A 9s timeout for successful link setups is not acceptable today.
  Hence, we will just go forward and ignore the proposed values. On
  both wired and wireless local links round-trip latencies of below
  3ms are common.  We require the caller to set a timeout multiplier,
  where 1 corresponds to a total probe time between 0.5 ms and 1.0
  ms. On modern networks a multiplier of about 100 should be a
  reasonable default. To comply with the RFC select a multiplier of
  9000.

Set a default timeout of 200ms, which is the double of the value suggested in n-acd sources. 200ms sounds quick enough, and gives at least ~100ms to other hosts to reply.

See also the Fedora change proposal: https://fedoraproject.org/wiki/Changes/Enable_IPv4_Address_Conflict_Detection

core,libnm: change default value for ipv4.dad-timeout from 0 to 200ms

Summary

Purpose

Merge request reports