[Dnsmasq-discuss] Multiple IPv6 Global addresses being assigned when using Router Advertisement
SamLT
sam at sltosis.org
Wed Jun 20 11:54:33 BST 2012
On Wed, Jun 20, 2012 at 10:33:55AM +0100, Chris O'Shea wrote:
> Good Morning all,
>
> I have noticed some behaviour with assigning IPv6 using dnsmasq which
> to me seems a bit strange and I wanted to bring it to your attention
> in case it is not meant to be as such.
>
> If I am running IPv6 DHCP range with ra-stateless and I have the
> ra-enable option set my client machine is assigned two seperate IPv6
> addresses from the same prefix.
>
> for example:
>
> domain-needed
> no-resolv
> local=/me.com/
> domain=me.com
> no-dhcp-interface=eth0
> no-dhcp-interface=eth2
> expand-hosts
> dhcp-range=fd00:ead5:c0a8:103::,ra-stateless
> ra-enable
> dhcp-option=option6:dns-server,[::]
> log-queries
> log-dhcp
>
> A client machine would then receive the a Global IPv6 address on the
> correct prefix comprising of its MAC address (with the obligatory
> FFFE), but it would also be assigned a secondary Global IPv6 address
> on the same prefix - although this one appears to be randomly
> generated.
This is normal behaviour, the first one (based on the EUI64) was
considered as a privacy violation as your computer is uniquely
identified with its mac adress(whatever the prefix is). And so this
address is also seen as a "super cookie"
The second address, indeed randomly generated, tries to avoid this
problem.
If you are on linux, you might want to look at the
net.ipv6.*.all.use_tempaddr sysctl key!
>
> Even though both ra-stateless and ra-enable are set I would only
> expect a single address to be assigned to anyone client.
>
> Best Regards,
>
> Chris.
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
More information about the Dnsmasq-discuss
mailing list