Too-frequent change of privacy address / ND monitoring
Tim Chown
tjc at ecs.soton.ac.uk
Fri May 24 20:11:11 CEST 2013
On 24 May 2013, at 17:44, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> On 26/03/13 12:14, Phil Mayers wrote:
>
>>
>> However, the more serious issue we've faced is (presumably broken) hosts
>> who re-generate their privacy addresses EXTREMELY frequently - on the
>> order of minutes. I have one host (a Mac, I believe)
>
> Just to follow up on this old thread.
>
> I've confirmed at least one cause of this; MacOS X, at least on my test machine (10.8.2) will re-generate the privacy address whenever it goes to sleep and wakes up again.
>
> This happens even if the old privacy address has hours or days left on the lifetime before sleeping, and the machine was asleep for minute.
>
> Grumble; it's crap like this that makes we want to force DHCPv6 and to hell with address privacy. Sadly the vast majority of Macs on our network are unmanaged, so I can't disable privacy addresses on them.
We saw this too; it caused issues with FHS on the Cisco WLC, which assumes that the (relatively) rapid IP changes are an attack...
Tim
More information about the ipv6-ops
mailing list