SLAAC and Privacy Addresses
Erik Kline
I frequently hear discussions about SLAAC addresses versus privacy concerns about exposing a host's MAC address to the world. These concerns also have some intersection with management desires in a managed environment.
(1) All hosts should use SLAAC. This address should be computable by software given a host's MAC and /64 prefix, and should go into DNS. All services listening on the host should listen on "[::]:<port>", and as such be reachable over the host's SLAAC address.
(2) All hosts should enable *and prefer* RFC 3041 / privacy / temporary addresses. These addresses should be used by the host for external connections, keeping the privacy folks happy.
[I say enable and prefer separately because they are two different setting values in Linux, /proc/sys/net/ipv6/conf/$interface/use_tempaddr]
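To make the two address types concrete, here is an added example (mine, not from the original post) that computes the SLAAC address from a MAC and /64 prefix, as point (1) asks, and then does the reverse check a security team would run over observed source addresses: which ones still reveal a MAC because they are EUI-64 derived rather than temporary. The prefix, MAC and flow-log addresses are constructed sample values.

```python
import ipaddress
from typing import Optional

def eui64_address(prefix: str, mac: str) -> str:
    """Compute the SLAAC (modified EUI-64) address for `mac` inside `prefix`.

    Per RFC 4291 Appendix A: split the 48-bit MAC, insert 0xFFFE in the
    middle and flip the universal/local bit (0x02 of the first octet).
    """
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("SLAAC requires a /64 prefix")
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("MAC must be 48 bits")
    iid = bytes([octets[0] ^ 0x02]) + octets[1:3] + b"\xff\xfe" + octets[3:6]
    return str(ipaddress.IPv6Address(net.network_address.packed[:8] + iid))

def mac_from_eui64(address: str) -> Optional[str]:
    """Return the MAC embedded in an EUI-64 derived address, or None.

    A temporary (RFC 3041/4941) address carries a random interface
    identifier, so None is the expected answer for it. A random IID can
    contain ff:fe by chance, so treat a hit as a strong hint, not proof.
    """
    iid = ipaddress.IPv6Address(address).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None
    octets = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in octets)

# Constructed sample: source addresses as they might appear in an outbound
# flow log. The first is SLAAC-derived; the other two look temporary.
OBSERVED_SOURCES = [
    "2001:db8::211:22ff:fe33:4455",
    "2001:db8::5c2a:91e7:3f0b:8d12",
    "2001:db8::a0f3:7c19:42ee:1b06",
]

def mac_exposing_sources(addresses):
    """Map each address that reveals a MAC to that MAC (audit helper)."""
    return {a: m for a in addresses if (m := mac_from_eui64(a)) is not None}

if __name__ == "__main__":
    print(eui64_address("2001:db8::/64", "00:11:22:33:44:55"))
    print(mac_exposing_sources(OBSERVED_SOURCES))
```

A host with use_tempaddr set to "enabled and preferred" should show up only in the temporary-looking group for outbound connections, while its SLAAC address remains the one published in DNS.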
Now, this does raise at least two concerns:
1. Some applications and OSes may accumulate a large number of addresses. Apps will need to properly learn how to skip over interfaces that are deprecated. In one case we had Kerberos authentication failures because the address list presented to the KDC was too huge.
2. Sysadmins/security folks need to realize that if you want to track your users' access publicly then you can't do that by IP address anymore. Even if you try to force folks to use DHCPv6, J. Random Evildoer can still use a ton of random addresses, one per socket if he likes. Tracking has to be done in a different way.