Reindl Harald wrote:
Am 08.04.2012 13:05, schrieb Frantisek Hanzlik:
Yes, I have it (as You wrote, on kernel cmdline - as having it in sysctl.conf seems not enough). But this nothing change on fact that
- I have unwanted things included in kernel
not really relevant
we both can not say how much more overhead in kernel code would be on different places to respect if it is loaded or not compared with a "module" which is aware that it is disabled
Networking code has especial position, as bugs / problems / misconfigurations in it have strong impact to machine security. And I simply do not want do any ip6tables and other ipv6 security configuration - because I do not want use ipv6 _entirely_
- something (NetworkManager or other malware;) can easily activate it.
who told you so? how can NetworkManager override a KERNEL parameter?
Have I after each update supervise whether NM or other stuff made some unwanted changes - maybe even on kernel commandline? And after each reboot again? No, I don´t want it.
in times where it was a loadable module it was the same you had to make sure to disable it AND it was loaded most of the time
even if I wipe it from disk most services was able reconstruct it and load again ;)
did you ever notice the dmesg messages about ipv6 is disabled and you have to reboot to enable it again while it was loaded all the time (this messages which appear if you remove "quiet" from the kernel-parameters and most people do not recognize)
As module, I can better control how use it and save memory too (although when ipv6 stack is disabled entirely, memory requirements may be lower - I not study about this)
the stack is disabled entirely and the memory footprint may be the same as unloaded module and code paths on different places which has to check this
Here I eventually agree with You.