Privacy

From SixXS Wiki
Jump to: navigation, search

One fear with that some people have with IPv6, is that without a NAT, they have their internal IP addressed exposed that includes their MAC address, meaning that it could be used for tracking purposes. A solution to this is provided by RFC 3041 (Privacy Extensions for Stateless Address Autoconfiguration in IPv6) and its use is explained in a response in a forum discussion. The essentials are reproduced below:

Windows (starting with XP SP2) – enabled by default in XP, Vista, 7

  netsh inter ipv6 set privacy state=enabled

Linux

To enable temporary addresses and make them preferred for outgoing connections:

  sysctl net.ipv6.conf.all.use_tempaddr=2

To enable temporary address generation, but keep the old (Autoconf) address as preferred:

  sysctl net.ipv6.conf.all.use_tempaddr=1

The all part can be replaced with a specific interface name; e.g. net.ipv6.conf.eth0.use_tempaddr.

(I used ip link set eth0 down && ip link set eth0 up to force an address assignment, but you can just wait a minute for the next periodic Router Advertisement.)

Mac OS X

  sysctl -w net.inet6.ip6.use_tempaddr=1

Temporary addresses, if enabled, will be preferred.

FreeBSD

  sysctl net.inet6.ip6.use_tempaddr=1
  sysctl net.inet6.ip6.prefer_tempaddr=1

NetBSD

  sysctl -w net.inet6.ip6.use_tempaddr=1

Temporary addresses preference? I have no idea. The autoconf address seems to be preferred. ifconfig doesn't appear to list any address properties.