-
-
Notifications
You must be signed in to change notification settings - Fork 167
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow for selectively disabling IPv6 addresses #217
Allow for selectively disabling IPv6 addresses #217
Conversation
Signed-off-by: John Seekins <[email protected]>
Signed-off-by: John Seekins <[email protected]>
Signed-off-by: John Seekins <[email protected]>
Signed-off-by: John Seekins <[email protected]>
Signed-off-by: John Seekins <[email protected]>
/terratest |
Thank you @johnseekins-pathccm for this PR, and thank you @RoseSecurity for your help with it. This is an unusual use case, as evidenced by no one asking for it before now, even though IPv6 support was added over 2 years ago. As such, I'm hesitant to add these variables, as they can cause confusion. We already had a "master switch" in I know the proposal I'm about to make is more obscure and a bit trickier to implement, but in some ways I prefer that for such a rare use case. How about we do not add any new variables, but instead leverage the It's true that we are still adding 2 (or 4) boolean suppression flags, but by keeping them somewhat buried, I think we make it easier for people to ignore them and not worry about them or expect too much from them. |
The more I look at this, the less it feels useful. Closing. |
what
Allow for selectively disabling IPv6 addresses
why
We don't want IPv6 addresses in our private subnets, only public subnets. This PR lets that happen.
references