<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div><blockquote type="cite" class=""><div class="">On Mar 30, 2020, at 8:30 PM, Roger Wiklund <<a href="mailto:roger.wiklund@gmail.com" class="">roger.wiklund@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div dir="ltr" class=""><div dir="ltr" class=""><div dir="ltr" class=""><div class="">Hi</div><div class=""><br class=""></div><div class="">I played around with IPv6 on my Mac today (Mac OS Catalina) and I noticed that besides the IP from DHCPv6 (dynamic) it's also generating two other addresses.</div><div dir="ltr" class=""><div class=""><br class=""></div><div class=""><div class=""><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>ether aa:bb:cc:dd:ee:ff</div><div class=""><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>inet6 fe80::1cad:944f:df4a:d123%en0 prefixlen 64 secured scopeid 0x7</div><div class=""><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>inet6 2001:123:44:55:1a:f346:1bef:b88a prefixlen 64 autoconf secured</div><div class=""><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>inet6 2001:123:44:55:20ac:49d2:68c5:595b prefixlen 64 autoconf temporary</div><div class=""><span class="gmail-Apple-tab-span" style="white-space:pre"> </span>inet6 2001:123:44:55::101 prefixlen 64 dynamic</div><div class=""><br class=""></div></div><div class="">I don't really know that the "secured" address is used for TBH (both autoconf are randomized and not based on the MAC)</div><div class="">The temporary address is used for outgoing connections and is changed every so often.</div><div class="">The dynamic address if from my DHPv6 server.</div><div class=""><br class=""></div><div class="">I think Windows has the same behaivour.</div><div class=""><br class=""></div><div class="">This got me thinking, if the temporary address is used as the outgoing source address, this gives me even less incentive to use DHCPv6. Especially since my Juniper SRX supports RDNSS via RA: <a href="https://tools.ietf.org/html/rfc8106" class="">https://tools.ietf.org/html/rfc8106</a></div><div class=""><br class=""></div><div class=""><div class="">set protocols router-advertisement interface ge-0/0/0.20 dns-server-address 2001:4860:4860::8888 lifetime 3600</div><div class="">set protocols router-advertisement interface ge-0/0/0.20 dns-server-address 2001:4860:4860::8844 lifetime 3600</div><div class="">set protocols router-advertisement interface ge-0/0/0.20 prefix 2001:123:44:55::/64</div></div><div class=""><br class=""></div><div class=""></div><div class="">When I read DHCPv6 vs SLAAC it often boils down to "control" but I don't see the need to allocate a dynamic address if the autogenerated are used. For client's you dont really have any inbound connections unless it's a support case.<br class=""></div><div class=""><br class=""></div><div class="">What's your view on this?</div><div class=""><br class=""></div><div class="">Thanks!</div></div></div></div></div></div>
</div></blockquote></div><div class="">I don’t understand why this is a disincentive of any consequence to preparing for the future by adopting IPv6. </div><div class=""><br class=""></div>See also: <a href="https://apple.stackexchange.com/questions/315232/disable-temporary-autoconf-inet6-address" class="">https://apple.stackexchange.com/questions/315232/disable-temporary-autoconf-inet6-address</a> (nota bene: I have not checked this on my Catalina systems due to time constraints.)<div class=""><br class=""></div><div class=""><br class=""><div class=""><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><span class="Apple-style-span" style="border-collapse: separate; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; border-spacing: 0px; -webkit-text-decorations-in-effect: none;"><span class="Apple-style-span" style="border-collapse: separate; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; border-spacing: 0px; -webkit-text-decorations-in-effect: none;"><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-size: 12px; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; -webkit-text-decorations-in-effect: none;"><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; -webkit-text-decorations-in-effect: none;"><span class="Apple-style-span" style="border-collapse: separate; border-spacing: 0px; font-variant-ligatures: normal; font-variant-east-asian: normal; font-variant-position: normal; line-height: normal; -webkit-text-decorations-in-effect: none;"><div class=""><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">James R. Cutler</div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><a href="mailto:James.cutler@consultant.com" class="">James.cutler@consultant.com</a></div><div style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">GPG keys: <a href="hkps://hkps.pool.sks-keyservers.net" class="">hkps://hkps.pool.sks-keyservers.net</a></div></div></span></span></span></span></span></div></div></div></div><div><blockquote type="cite" class=""></blockquote></div></div></div></body></html>