On Tue, Dec 28, 2021 at 12:35:07PM +0100, Mike Fischer wrote: | So I guess the only way to get a stable IID with dynamic prefixes is | to use the eui64 method? (Which is based on the MAC-address and | leaks information.)
What information leak are you afraid of? Someone else knowing the MAC-address of your system? You can fix that by changing the MAC address of your interface (see the lladdr option in the ifconfig(8) manpage at http://man.openbsd.org/ifconfig#lladdr for details) Then you leak your "self chosen" MAC address - up to you to decide if that's still a concern (but note that it's not really different from "leaking" your IPv6 address in that case). | My options for running an OpenBSD server using IPv6 thus seem to be: | - Find a provider with static public IPv6 addresses (prefixes) That would work, but means you have to change providers - is that really what you want? Could be a good message to your current ISP to step up their IPv6 game. | - Use dynamic IPv6 addresses (prefixes) and eui64 IIDs Seems like the simplest way, especially using the lladdr option. | - Use an IPv6 tunnel broker like tunnelbroker.net to tunnel a static | IPv6 address (prefix) through IPv4 (6in4 tunnel) Seems less useful / efficient, if your provider offers native IPv6. Paul -- >++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+ +++++++++++>-]<.>++[<------------>-]<+.--------------.[-] http://www.weirdnet.nl/
