PTR records for IPv6

Dan Wing dwing at
Thu Sep 5 04:47:11 CEST 2013

On Sep 4, 2013, at 4:43 AM, S.P.Zeidler <spz at> wrote:

> Hi,
> Thus wrote Jens Link (lists at
>> I think vendors should put some sensible defaults in place, e.g. no
>> SLAAC, no privacy extensions, no temporary addresses on severs.
> I don't think this is really something the OS should do.
> If a program requests a specific address when building a socket, and that
> address is configured at all, it gets it on every OS I'm aware of.
> In an IPv6 world, network services (aka, smtp, http, dns, .. servers)
> should -always- be bound (and bindable) to specific addresses both for
> incoming and outgoing connections. It's not funny if your smtp server
> tries to deliver through the firewall with its http server address, which
> is then Not Allowed (tm) :)

Yes, disabling IPv6 privacy addresses makes tons of things easier -- including traffic analysis.  One of the primary purposes of IPv6 privacy addresses was to antagonize traffic analysis and discourage one of the justifications to create a NAPT66 device (as one of the justifications for NAPT is to antagonize traffic analysis). has lots of good details.  (And I know privacy information is leaked at upper layers; there are constant attempts at those layers to reduce their privacy leakage and it doesn't excuse exposing privacy at layer 3).


> regards,
> 	spz
> -- 
> spz at (S.P.Zeidler)

More information about the ipv6-ops mailing list