Howto enable IPv6 privacy extensions
staticsafe
me at staticsafe.ca
Fri Jan 4 06:34:14 UTC 2013
On 1/4/2013 1:30, Patrick Lists wrote:
> Hi all,
>
> On an up-to-date F17 x86_64 box I was testing IPv6 and it was pointed
> out that the IPv6 address that Fedora uses is traceable because it ends
> in the MAC address of the nic. I don't like that and want to enable
> privacy extensions which should replace the MAC address with some random
> stuff in the IPv6 address.
>
> I added the following to /etc/sysctl.d/ipv6_privacy_extensions and
> rebooted:
>
> net.ipv6.conf.default.use_tempaddr = 1
> net.ipv6.conf.default.temp_prefered_lft = 7200
>
> Unfortunately this does not work as I don't see an IPv6 address with
> "scope global dynamic" and if I go to http://ip6.nl then it still shows
> my IPv6 address with the MAC address in it.
>
> Anyone know how to make this work?
>
> Thanks,
> Patrick
According to my Googling, net.ipv6.conf.default.use_tempaddr should have
a value of 2, not 1.
According to the Arch wiki [0] also:
# Enable IPv6 Privacy Extensions
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.<nic0>.use_tempaddr = 2
...
net.ipv6.conf.<nicN>.use_tempaddr = 2
[0] - https://wiki.archlinux.org/index.php/IPv6
--
staticsafe
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
Please don't top post - http://goo.gl/YrmAb
More information about the users
mailing list