IPv6 Privacy Extensions

The privacy extensions as defined in RFC4941 make your device change its IP every now and then.

Privacy addresses are not enabled by default. Their generation is activated via the sysctl directive use_tempaddr that can be set to one of the following values:

  • 0 don't use privacy extensions.
  • 1 generate privacy addresses
  • 2 prefer privacy addresses and use them over the normal addresses.

IPv6 Privacy Extensions on Ubuntu

Activate it in Ubuntu by adding net.ipv6.conf.all.use_tempaddr=2 to /etc/sysctl.conf. Or in a one-time action (will be reset on reboot):

echo 2 >/proc/sys/net/ipv6/conf/all/use_tempaddr

If you replace all with eth0 you can set the value for this particular network interface.

IPv6 Privacy Extensions on Mac OS X

http://www.macuser.de/forum/f65/privacy-extensions-fuer-568430/

# set it for the system as long as it's running:
sudo sysctl -w net.inet6.ip6.use_tempaddr=1
# make it permanent:
cat << EOF | sudo tee -a /etc/sysctl.conf
net.inet6.ip6.use_tempaddr=1
EOF

To check the current value, run sysctl net.inet6.ip6.use_tempaddr.

On Mac OS X, use_tempaddr=1 is enough to prefer temporary IPv6 addresses to permanent or autoconf ones for outgoing connections.

Resources

Comments