Too-frequent change of privacy address / ND monitoring

Tim Chown tjc at ecs.soton.ac.uk
Fri May 24 20:11:11 CEST 2013


On 24 May 2013, at 17:44, Phil Mayers <p.mayers at imperial.ac.uk> wrote:

> On 26/03/13 12:14, Phil Mayers wrote:
> 
>> 
>> However, the more serious issue we've faced is (presumably broken) hosts
>> who re-generate their privacy addresses EXTREMELY frequently - on the
>> order of minutes. I have one host (a Mac, I believe)
> 
> Just to follow up on this old thread.
> 
> I've confirmed at least one cause of this; MacOS X, at least on my test machine (10.8.2) will re-generate the privacy address whenever it goes to sleep and wakes up again.
> 
> This happens even if the old privacy address has hours or days left on the lifetime before sleeping, and the machine was asleep for minute.
> 
> Grumble; it's crap like this that makes we want to force DHCPv6 and to hell with address privacy. Sadly the vast majority of Macs on our network are unmanaged, so I can't disable privacy addresses on them.

We saw this too; it caused issues with FHS on the Cisco WLC, which assumes that the (relatively) rapid IP changes are an attack...

Tim


More information about the ipv6-ops mailing list