On 01/04/2013 07:34 AM, staticsafe wrote:
On 1/4/2013 1:30, Patrick Lists wrote:
Hi all,
On an up-to-date F17 x86_64 box I was testing IPv6 and it was pointed
out that the IPv6 address that Fedora uses is traceable because it ends
in the MAC address of the nic. I don't like that and want to enable
privacy extensions which should replace the MAC address with some random
stuff in the IPv6 address.
I added the following to /etc/sysctl.d/ipv6_privacy_extensions and
rebooted:
net.ipv6.conf.default.use_tempaddr = 1
net.ipv6.conf.default.temp_prefered_lft = 7200
Unfortunately this does not work as I don't see an IPv6 address with
"scope global dynamic" and if I go to http://ip6.nl then it still shows
my IPv6 address with the MAC address in it.
Anyone know how to make this work?
Thanks,
Patrick
According to my Googling, net.ipv6.conf.default.use_tempaddr should have
a value of 2, not 1.
According to the Arch wiki [0] also:
# Enable IPv6 Privacy Extensions
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
net.ipv6.conf.<nic0>.use_tempaddr = 2
...
net.ipv6.conf.<nicN>.use_tempaddr = 2
[0] - https://wiki.archlinux.org/index.php/IPv6
Thank you for your suggestion. I fixed the value of those settings and
rebooted but still no joy. I am not using NetworkManager. Using network
instead with a bridged br0 interface because I have several VMs on this
box. Maybe that is messing things up or maybe the AVM Fritz!Box ADSL
modem handing out the IPv6 addresses is to blame for not handling this
properly.
Regards,
Patrick
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
