[Dnsmasq-discuss] Multiple IPv6 Global addresses being assigned when using Router Advertisement

[SamLT]

On Wed, Jun 20, 2012 at 10:33:55AM +0100, Chris O'Shea wrote:
> Good Morning all,
> 
> I have noticed some behaviour with assigning IPv6 using dnsmasq which
> to me seems a bit strange and I wanted to bring it to your attention
> in case it is not meant to be as such.
> 
> If I am running IPv6 DHCP range with ra-stateless and I have the
> ra-enable option set my client machine is assigned two seperate IPv6
> addresses from the same prefix.
> 
> for example:
> 
> domain-needed
> no-resolv
> local=/me.com/
> domain=me.com
> no-dhcp-interface=eth0
> no-dhcp-interface=eth2
> expand-hosts
> dhcp-range=fd00:ead5:c0a8:103::,ra-stateless
> ra-enable
> dhcp-option=option6:dns-server,[::]
> log-queries
> log-dhcp
> 
> A client machine would then receive the a Global IPv6 address on the
> correct prefix comprising of its MAC address (with the obligatory
> FFFE), but it would also be assigned a secondary Global IPv6 address
> on the same prefix - although this one appears to be randomly
> generated.


This is normal behaviour, the first one (based on the EUI64) was
considered as a privacy violation as your computer is uniquely
identified with its mac adress(whatever the prefix is). And so this
address is also seen as a "super cookie"

The second address, indeed randomly generated, tries to avoid this
problem.

If you are on linux, you might want to look at the
net.ipv6.*.all.use_tempaddr sysctl key!


> 
> Even though both ra-stateless and ra-enable are set I would only
> expect a single address to be assigned to anyone client.
> 
> Best Regards,
> 
> Chris.
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss