nanog mailing list archives

Re: IPV6 planning

From: Baldur Norddahl <baldur.norddahl () gmail com>
Date: Sat, 5 Mar 2016 23:30:10 +0100

On 5 March 2016 at 22:54, <Valdis.Kletnieks () vt edu> wrote:

And note that there isn't any problem with a machine getting an IPv6
address
via SLAAC *and* getting another one via DHCPv6 - my laptop is doing that
as I
type (plus a privacy address or two as well).

That is what our CPEs (from Inteno) do. Every computer has a DHCPv6
assigned address that is short and easy (my laptop has 2a00:7660:5c6::30e).
The DHCPv6 assigned address is also stable. In the CPE admin website the
user can pick the computer (DHCPv6 assigned address) from a dropdown when
configuring inbound firewall rules. It is very easy to eg. allow SSH to my
laptop by using this feature.

But every computer also have SLAAC and usually with privacy extensions. My
laptop prefers the SLAAC/privacy address for outgoing connections. So I am
not as easily tracked as if the computer used the DHCPv6 address. Currently
my outgoing connections are from 2a00:7660:5c6::bd7d:624c:2d8c:c8d0 but
this will change shortly to something new and random.

Short and stable for inbound, random for outbound.

Regards,

Baldur

Current thread:

IPV6 planning Laurent Dumont (Mar 05)
- Re: IPV6 planning Mark Tinka (Mar 05)
  - Re: IPV6 planning Valdis . Kletnieks (Mar 05)
    - Re: IPV6 planning Baldur Norddahl (Mar 05)
    - Re: IPV6 planning Hugo Slabbert (Mar 05)
  - Re: IPV6 planning Owen DeLong (Mar 07)
- Re: IPV6 planning Karl Auer (Mar 05)
  - Re: IPV6 planning Saku Ytti (Mar 05)
    - Re: IPV6 planning Karl Auer (Mar 05)
    - Re: IPV6 planning Saku Ytti (Mar 06)
    - Re: IPV6 planning Tore Anderson (Mar 06)
    - Re: IPV6 planning Karl Auer (Mar 06)
    - Re: IPV6 planning Baldur Norddahl (Mar 06)
    - Re: IPV6 planning Karl Auer (Mar 06)

(Thread continues...)