On Wed, 23 Apr 2003, Tim Chown wrote: > On Wed, Apr 23, 2003 at 08:28:28AM +0300, Pekka Savola wrote: > > > > Who said IPv6 addresses based on MAC addresses should be used on servers? > > > > We certainly don't. Manually configuring is the thing. > > although not with <prefix>::1, at least pick a random-ish 64-bit host > part to make the port scanners have to work rather harder... Yep. For example, we use a very simple numbering which makes all the hosts within a site unique (so, there will not be an address collision even if server A is moved from link 1 to link 2 where server B is). Works Just Great (tm). (Except implementation support could be better :-). -- Pekka Savola "You each name yourselves king, yet the Netcore Oy kingdom bleeds." Systems. Networks. Security. -- George R.R. Martin: A Clash of Kings