[Bug 841353] Re: please enable IPv6 privacy extensions by default
Mathieu Trudel-Lapierre
mathieu.tl at gmail.com
Thu Nov 17 15:59:44 UTC 2011
Confirming, we've been discussing this in
https://blueprints.launchpad.net/ubuntu/+spec/foundations-p-ipv6; and
although it's not approved yet we did identify work items for enabling
this at the ifupdown and NM levels.
** Changed in: procps (Ubuntu)
Status: New => Confirmed
** Changed in: procps (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/841353
Title:
please enable IPv6 privacy extensions by default
Status in “procps” package in Ubuntu:
Confirmed
Bug description:
We don't appear to enable IPv6 privacy extensions[1] by default.
Could we please do so? Leaking the MAC address of any IPv6 enabled
device is both undesirable and a regression from IPv4.
Enabling them appears to be as simple as a sysctl.d file with the
following in it:
net.ipv6.conf.all.use_tempaddr = 2
net.ipv6.conf.default.use_tempaddr = 2
With those set, I now have 3 IPv6 addresses, one link local, one with
my MAC address and one without my MAC address. Although my machine
will answer to all 3 it will only use the non-MAC address based one
for outbound traffic.
[1] http://tools.ietf.org/html/rfc4941
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/841353/+subscriptions
More information about the foundations-bugs
mailing list