02-06-2012 11:03 AM - edited 03-01-2019 05:32 PM
I am little confused about the IPv6 temporary address. From my understanding, by default both Win7 and MAC comuputers generate IPv6 temporary address once they learn a prefix from RA message. And more imporant, they will use the temporary address as the source of the communications. For ex, when a computer has one IPv6 address(got from DHCP) and one temporary address, it will use the temporary address for communications and the DHCP address will not be used at all. Has anyone seen any issues arised from using temporary address? Do you force computers to not using temporary address?
Following notes are taken from RFC4941 about the use of temporary address:
"The use of temporary addresses may cause unexpected difficulties with some applications. As described below, some servers refuse to accept communications from clients for which they cannot map the IP address into a DNS name. In addition, some applications may not behave robustly if temporary addresses are used and an address expires before the application has terminated, or if it opens multiple sessions, but expects them to all use the same addresses. Consequently, the use of temporary addresses SHOULD be disabled by default in order to minimize potential disruptions. Individual applications, which have specific knowledge about the normal duration of connections, MAY override this as appropriate.
"
If anyone can share their experience of using temporary address in production network, that will be great!
Thanks.
Zhenning
Solved! Go to Solution.
02-13-2012 04:14 PM
So temporary addresses, or privacy addresses as they are somtimes called, work well for a lot of applications. If you do not care about the privacy afforded by temporary addresses, you an disable them:
http://blackundertone.wordpress.com/2011/08/04/disable-windows-7-ipv6-random-temporary-addresses/
http://tech.buraglio.com/2011/07/macos-107-and-ipv6-privacy-addressing.html
Also, you can configure the routers such that the devices themselves do not use SLAAC at all and rely exclusively on DHCP, depending on whether or not your DHCPv6 server is managing addresses.
See http://blogs.cisco.com/borderless/ipv6-automatic-addressing/ for more tips.
02-13-2012 04:14 PM
So temporary addresses, or privacy addresses as they are somtimes called, work well for a lot of applications. If you do not care about the privacy afforded by temporary addresses, you an disable them:
http://blackundertone.wordpress.com/2011/08/04/disable-windows-7-ipv6-random-temporary-addresses/
http://tech.buraglio.com/2011/07/macos-107-and-ipv6-privacy-addressing.html
Also, you can configure the routers such that the devices themselves do not use SLAAC at all and rely exclusively on DHCP, depending on whether or not your DHCPv6 server is managing addresses.
See http://blogs.cisco.com/borderless/ipv6-automatic-addressing/ for more tips.
02-14-2012 09:56 AM
Thanks Phillip!
The "ipv6 nd prefix 2001:db8::/64 300 300 no-autoconfig" command is what I am looking for.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide