If your address start with fe80, and not 2XXX, then that’s a link local address. Temporary addresses only apply to public addressing, aka when you actually have access to the IPv6 internet. With privacy extensions’ temporary addresses, you’ll still have a stable address, but it won’t be used for outgoing connections, so websites for example, will see only your temporary address.
On my PC for example, I get 3 IPv6 addresses. The link-local one for the internal stuff the router needs to do, my stable IPv6 address, and a temporary address, and if the PC stays for long enough, I get other temporary addresses.
Also, the missing temporary addresses on Fedora by default are not a bug, that bug is invalid as you can see; that’s something for Fedora to enable on Workstations, which they should: IPv6 temporary addresses on Workstations
Yes it starts with “fe” which means its local address. Because AFAIK my ISP does not assing me a public IP with V6.
But for privacy concerns can I also randomize IPv6 for local network? AFAIK also my ISP can see many details in my local network. Also it would be good if I will connect to public Wi-Fi.
By the way, I have randomized MAC for IPv4. Therefore I always have random local IP which is assigned by DHCP of my home router. But I always have same IPv6 on local network. That means my home router knows my device MAC, because router assign me the same IPv6 always. So the first config (config for ipV4 randomize) is not important anymore.
I’m not sure if I explained well. Let me explain with different words:
I want to hide my MAC from router. I use the randomized MAC for ipv4. But if the router can catch me from ipv6 there is no meaning to use randomized mac for ipv6. Because router already catch me via an identifier (which is ipv6 in this case).
The only solution seems to disable completely ipv6 which may break torrent, automatic port-forwarding, web-rtc, local-file-share applications etc…
Your router always knows your MAC, as the MAC is used to send data to your computer. Every package at its lowest layer contains the sending MAX and the Receiving MAC addresses.
The tooling randomizes per-network not per-connection.
Not that useful on a wired network to your router.
The ipv6 link-local include the mac as part of the address if you change MAC then the link-local will change.
If you are on a IPv4 only ISP use of IPv6 temporary addresses cannot be implemented. You need to have the router deligate a IPv6 prefix to your host for this to work.
I am in the middle of learning about this on my home network, not got it all working yet.
Yes I know. But can we implement random MAC (to get random IPv6 from DHCP) for local network? (Because most of ISP’s are able to see all connected devices with local IPv4, IPV6, MAC, host-name etc…)
Im already asking how to do that (changing MAC) on local network? (MAC for IPv4 changes but MAC for IPv6 does not change because I always get same IPv6 from DHCP on my local network).
If on my local-network IPv6 is not assigned by DHCP, that means Fedora set it. In this case I will ask if Fedora can change it randomly?
Your IPv4 router does not expose the MAC of any device inside your network. As you do not have IPv6 to the internet it cannot leak your MAC.
If you do geg IPv6 then you would want to implement the RFC that prevents leaking of MAC address that was part of the original IPv6 RFCs.
In my understanding the options are as follows
Permanent – The hardware MAC for the interface
Random – generates a new random MAC for every time it connects anywhere
Stable – generates a random MAC that then is used everywhere
Stable per SSID – generates a random MAC the first time it connects to a new SSID then uses that same MAC every time it connects to that same SSID
Preserve – I am not sure of the nuances for this option.
Note that once the connection is made the same MAC applies for both IPV4 and IPV6.
The IP address given by DHCP from the router is based on both hostname and MAC. The router remembers connections and DHCP leases the same as the PC remembers connections it has made.
Detailed information about each connection is found under /etc/NetworkManager/system-connections/
I don’t understand the sentence. can you please explain in different way?
As a result after I enable privacy-extension for ipv6, I don’t have randomized ipv6 for each time my OS restart. I need this. This is a huge privacy issue. Its so interesting so many people dont event talk about it.
Everyone use randomized mac for ipv4 but not ipv6 its so interesting
Oh you are saying that your ISP will spy on you by extracting data from the router!
There is only 1 MAC on an interface. There is not one for IPv4 and another for IPv6.
When you do the ip addr you will only see 1 MAC - labled “link/ether”.
If the MAC is ramdonised the that random MAC is use for both IPv4 and IPv6.