Archive for March, 2016

IPv6 may include MAC address of interface. How to stop it?

without comments

Here’s how your IPv6 address may include your MAC address. An example IPv6 address is something like this: – 2001:0db8:1:2:60:8ff:fe52:f9d8

– Take the last 64 bits (the host identifier) and add lead zeroes: 00:08ff:fe52:f9d8
– Cut “ff:fe” from the middle. (If these bytes are not there, then there’s no MAC address.)
– For the first byte: complement the second low-order bit (the universal/local bit; if ther bit is a 1, make it 0, and if it is a 0, make it 1) So: 0x00 (00000000) become 0x02 (00000010)
– “60:8ff:fe52:f9d8” now becomes “02:60:08:52:f9:d8”!

Privacy addressing is used to hide you MAC address from IPv6 (in statelesss cases). What Privacy addressing does is generate a random, temporary address that doesn’t contain your MAC address. Here’s how you enable Privacy addressing:

On Linux, to enable temporary addresses and make them preferred for outgoing connections:

# Enable IPv6 Privacy Extensions
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.nic0.use_tempaddr = 2
net.ipv6.conf.nicN.use_tempaddr = 2

On MS$

netsh inter ipv6 set privacy state=enabled

Written by spectre

March 29th, 2016 at 12:14 pm

Posted in ipv6