[sdnog] Temporary IPv6 Address

Nishal Goburdhan nishal at controlfreak.co.za
Wed Jan 28 14:35:46 SAST 2015

On 28 Jan 2015, at 10:57, Tarig Yassin <tariq198487 at hotmail.com> wrote:

> And is it necessary for every device? (this is the 1st time to hear about it Lol ) 

i'd have to check, but i don't think it's a *requirement* for IPv6 hosts.

sometimes, you might prefer not to use this.  for example, if you were the sysadmin of a corporate network, then you might be tempted to think that privacy addresses would be a nightmare, because you would not know which IPv6 address belonged to which host (since there is no correlation between mac address and IPv6 adddress).  in that case, using some sort of enterprise policy manager, you would probably want to disable this (remember i showed you some of the OS flags in my earlier message).

personally, i think that there are other ways to solve this;  ie. use some other way to match user <-> IP address so that you could do network auditing.  for example, you could use DHCP6 and force people to login, and capture their user-ids and tie that to a unique uuid for the device they login from...there are multiple ways to solve this problem   ;-)

as an individual, i prefer my privacy, so i generally like this feature.  so i do not suggest that you turn it off, because there are always smart-users who'd look for other ways around this...


More information about the sdnog mailing list