Debian/Mint/Raspbian/Ubuntu - How to force SLAAC EUI64 IPv6 autoconfiguration?

ubuntu debian linux-mint ipv6 raspbian
6,038

You are confusing two different address types:

  • temporary addresses generated according to RFC 4941 "Privacy extensions",
  • permanent addresses generated according to RFC 7217 "Opaque interface identifiers".

The former are always generated in addition to the default address and do not replace it, so certainly not what you have in mind.

The latter do replace the default EUI64-based address, but they are not temporary and have nothing to do with the use_tempaddr knob. Instead you need to change the primary address generation mode:

  • If SLAAC is performed by the kernel, change this sysctl:

    net.ipv6.conf.default.addr_gen_mode = 0
net.ipv6.conf.eth0.addr_gen_mode = 0

    (Looking at source code, it doesn't seem like all.addr_gen_mode is implemented.)

  • If SLAAC is performed by dhcpcd, use this dhcpcd.conf option:

    slaac hwaddr

  • If SLAAC is performed by NetworkManager:

    nmcli con modify "Connection name" ipv6.addr-gen-mode eui64
Share:
6,038
Jim MacKenzie
Author by

Jim MacKenzie

BY DAY: Insurance broker (property/casualty insurance) at Dusyk & Barlow Insurance. BY NIGHT: Sessional Lecturer III, Paul J. Hill School of Business at the University of Regina. Course presenter, Insurance Institute of Saskatchewan and Insurance Brokers' Association of Saskatchewan. Freelance reviewer/article author, QST Magazine. FOR FUN: Amateur radio (VE5EV / VE5EIS), vintage computers (Commodores, Amigas, and others), Linux, board gaming (PhotoJim @ boardgamegeek.com), photography (including black-and-white darkroom work), traveling (by air and by car), astronomy, ... more than I have time for, alas.

Updated on September 18, 2022

Comments

  • Jim MacKenzie
    Jim MacKenzie over 1 year

    I have a static IPv6 /62 prefix and I use radvd on my router (running Debian) to advertise a /64 from within it to my entire network. Other than my router (which is ::1), I let EUI64 set the suffix based on the MAC address (i.e. matching the suffix of the automatic fe80:: address).

    Most Linuxes are migrating to masking this for privacy reasons. I am really not concerned about the privacy implications, and further, want a perfectly predictable IPv6 address for services such as sshd.

    In theory, this should be easy to configure. For example, on a Raspberry Pi running Raspbian, I've added to the /etc/sysctl.conf file:

    ###################################################################

    # Enable IPv6 EUI64

    #

    net.ipv6.conf.all.use_tempaddr=0

    net.ipv6.conf.default.use_tempaddr=0

    net.ipv6.conf.eth0.use_tempaddr=0

    Alas, nothing changes. (The last line was a last-ditch attempt; the previous two lines really ought to work alone.)

    Something in these OSes is preventing EUI64 from working. What is it, and how do I enable it?

    This particular machine is not running NetworkManager, but some of them are.

  • Jim MacKenzie
    Jim MacKenzie about 6 years
    Thank you; I'll give this a try. I don't absolutely require that my systems use the default EUI64 addresses, although I prefer it since they're predictable. A permanent IPv6 suffix of some other sort would also be suitable. The address I have now seems to be temporary 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 blahblah::4d6a:b4b0:7b0d:41af/64 scope global mngtmpaddr noprefixroute dynamic
  • Jim MacKenzie
    Jim MacKenzie about 6 years
    The secret for this situation was "slaac hwaddr" in /etc/dhcpcd.conf. Thank you.
  • user1686
    user1686 about 6 years
    No, if it doesn't say the exact word temporary, then you're still looking at a permanent address, and it's fine to use it in DNS and elsewhere. (It is based on hashing the network prefix and a secret key... uh, in dhcpcd's case probably /etc/dhcpd.duid?)
  • user1686
    user1686 about 6 years
    Don't be confused by mngtmpaddr which has a nearly-opposite meaning. (It tells the kernel "if use_tempaddr is active, please manage temporary addresses based on this address".)
  • The Guy with The Hat
    The Guy with The Hat almost 4 years
    How do I know which one is doing the SLAAC?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

What is the correct way to refer to LINUX/UNIX generically?
How to fix apt-get missing key error after adding deb source for package?
Static IPv6 address advertising and IPv6 autoconfig in Debian/Ubuntu
Repositories of Linux Mint, Ubuntu, Debian
Disabling IPv6 on Mint and Debian
Deleted /etc/apt, now apt-get gives a relocation error?
Can I use and install Ubuntu packages in Debian?
can packages marked Debian/Ubuntu be installed in Linux Mint as well?
imagemagick command not found?
Failed to start Oracle service