cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
12811
Views
0
Helpful
2
Replies

IPv6 Temporary Address

zhenningx
Level 4
Level 4

I am little confused about the IPv6 temporary address. From my understanding, by default both Win7 and MAC comuputers generate IPv6 temporary address once they learn a prefix from RA message. And more imporant, they will use the temporary address as the source of the communications. For ex,  when a computer has one IPv6 address(got from DHCP) and one temporary address, it will use the temporary address for communications and the DHCP address will not be used at all. Has anyone seen any issues arised from using temporary address? Do you force computers to not using temporary address?

Following notes are taken from RFC4941 about the use of temporary address:

"The use of temporary addresses may cause unexpected difficulties with    some applications.  As described below, some servers refuse to accept    communications from clients for which they cannot map the IP address    into a DNS name.  In addition, some applications may not behave    robustly if temporary addresses are used and an address expires    before the application has terminated, or if it opens multiple    sessions, but expects them to all use the same addresses.    Consequently, the use of temporary addresses SHOULD be disabled by    default in order to minimize potential disruptions.  Individual    applications, which have specific knowledge about the normal duration    of connections, MAY override this as appropriate.

"

If anyone can share their experience of using temporary address in production network, that will be great!

Thanks.

Zhenning

1 Accepted Solution

Accepted Solutions

Phillip Remaker
Cisco Employee
Cisco Employee

So temporary addresses, or privacy addresses as they are somtimes called, work well for a lot of applications.  If you do not care about the privacy afforded by temporary addresses, you an disable them:

http://blackundertone.wordpress.com/2011/08/04/disable-windows-7-ipv6-random-temporary-addresses/

http://tech.buraglio.com/2011/07/macos-107-and-ipv6-privacy-addressing.html

Also, you can configure the routers such that the devices themselves do not use SLAAC at all and rely exclusively on DHCP, depending on whether or not your DHCPv6 server is managing addresses. 

See http://blogs.cisco.com/borderless/ipv6-automatic-addressing/ for more tips.

View solution in original post

2 Replies 2

Phillip Remaker
Cisco Employee
Cisco Employee

So temporary addresses, or privacy addresses as they are somtimes called, work well for a lot of applications.  If you do not care about the privacy afforded by temporary addresses, you an disable them:

http://blackundertone.wordpress.com/2011/08/04/disable-windows-7-ipv6-random-temporary-addresses/

http://tech.buraglio.com/2011/07/macos-107-and-ipv6-privacy-addressing.html

Also, you can configure the routers such that the devices themselves do not use SLAAC at all and rely exclusively on DHCP, depending on whether or not your DHCPv6 server is managing addresses. 

See http://blogs.cisco.com/borderless/ipv6-automatic-addressing/ for more tips.

Thanks Phillip!

The "ipv6 nd prefix 2001:db8::/64 300 300 no-autoconfig" command is what I am looking for.