IPv6 may include MAC address of interface. How to stop it?

Here’s how your IPv6 address may include your MAC address. An example IPv6 address is something like this: – 2001:0db8:1:2:60:8ff:fe52:f9d8

– Take the last 64 bits (the host identifier) and add lead zeroes: 00:08ff:fe52:f9d8
– Cut “ff:fe” from the middle. (If these bytes are not there, then there’s no MAC address.)
– For the first byte: complement the second low-order bit (the universal/local bit; if ther bit is a 1, make it 0, and if it is a 0, make it 1) So: 0x00 (00000000) become 0x02 (00000010)
– “60:8ff:fe52:f9d8” now becomes “02:60:08:52:f9:d8”!

Privacy addressing is used to hide you MAC address from IPv6 (in statelesss cases). What Privacy addressing does is generate a random, temporary address that doesn’t contain your MAC address. Here’s how you enable Privacy addressing:

On Linux, to enable temporary addresses and make them preferred for outgoing connections:

# Enable IPv6 Privacy Extensions
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.nic0.use_tempaddr = 2
...
net.ipv6.conf.nicN.use_tempaddr = 2

On MS$

netsh inter ipv6 set privacy state=enabled

Leave a Reply

Your email address will not be published. Required fields are marked *

*

Scroll to top