[Dnsmasq-discuss] Multiple IPv6 Global addresses being assigned when using Router Advertisement
simon at thekelleys.org.uk
Wed Jun 20 11:48:38 BST 2012
On 20/06/12 10:33, Chris O'Shea wrote:
> Good Morning all,
> I have noticed some behaviour with assigning IPv6 using dnsmasq which
> to me seems a bit strange and I wanted to bring it to your attention
> in case it is not meant to be as such.
> If I am running IPv6 DHCP range with ra-stateless and I have the
> ra-enable option set my client machine is assigned two seperate IPv6
> addresses from the same prefix.
> for example:
> A client machine would then receive the a Global IPv6 address on the
> correct prefix comprising of its MAC address (with the obligatory
> FFFE), but it would also be assigned a secondary Global IPv6 address
> on the same prefix - although this one appears to be randomly
> Even though both ra-stateless and ra-enable are set I would only
> expect a single address to be assigned to anyone client.
My guess is that the host has IPv6 privacy extensions enabled and the
second address is a privacy address, designed to stop tracking of
clients via the use of a global address with an even-more-global MAC
address embedded in it. The machine will accept connections on both
addresses, but use the privacy address in preference for outgoing
connections. It will also generate a new privacy address every few hours.
Configuring this off is a client thing: there's nothing in the
router-advertisement that can be used to disable it, AFAIK.
More information about the Dnsmasq-discuss