> On Mar 30, 2020, at 8:30 PM, Roger Wiklund <[email protected]> wrote: > > Hi > > I played around with IPv6 on my Mac today (Mac OS Catalina) and I noticed > that besides the IP from DHCPv6 (dynamic) it's also generating two other > addresses. > > ether aa:bb:cc:dd:ee:ff > inet6 fe80::1cad:944f:df4a:d123%en0 prefixlen 64 secured scopeid 0x7 > inet6 2001:123:44:55:1a:f346:1bef:b88a prefixlen 64 autoconf secured > inet6 2001:123:44:55:20ac:49d2:68c5:595b prefixlen 64 autoconf temporary > inet6 2001:123:44:55::101 prefixlen 64 dynamic > > I don't really know that the "secured" address is used for TBH (both autoconf > are randomized and not based on the MAC) > The temporary address is used for outgoing connections and is changed every > so often. > The dynamic address if from my DHPv6 server. > > I think Windows has the same behaivour. > > This got me thinking, if the temporary address is used as the outgoing source > address, this gives me even less incentive to use DHCPv6. Especially since my > Juniper SRX supports RDNSS via RA: https://tools.ietf.org/html/rfc8106 > <https://tools.ietf.org/html/rfc8106> > > set protocols router-advertisement interface ge-0/0/0.20 dns-server-address > 2001:4860:4860::8888 lifetime 3600 > set protocols router-advertisement interface ge-0/0/0.20 dns-server-address > 2001:4860:4860::8844 lifetime 3600 > set protocols router-advertisement interface ge-0/0/0.20 prefix > 2001:123:44:55::/64 > > When I read DHCPv6 vs SLAAC it often boils down to "control" but I don't see > the need to allocate a dynamic address if the autogenerated are used. For > client's you dont really have any inbound connections unless it's a support > case. > > What's your view on this? > > Thanks!
I don’t understand why this is a disincentive of any consequence to preparing for the future by adopting IPv6. See also: https://apple.stackexchange.com/questions/315232/disable-temporary-autoconf-inet6-address <https://apple.stackexchange.com/questions/315232/disable-temporary-autoconf-inet6-address> (nota bene: I have not checked this on my Catalina systems due to time constraints.) James R. Cutler [email protected] GPG keys: hkps://hkps.pool.sks-keyservers.net
