Re: RFC4941 IPv6 privacy knobs and how to set them

> On Mar 31, 2025, at 16:05, Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> wrote:
> Hello Chris,
> 
> our ip6 network stack is old and likely still relying on the older RFC 3041, even though RFC 4941 is mentioned in the man pages. However, both have been obsoleted by RFC 8981. If you're open to experimentation, you can apply the patch from PR 245103 to push things further.
> 
> I have always set these sysctl knobs to 1, but I only use privacy extensions on PCs and laptops - never on routers.

I wish I knew why I set them to 2. :-/. If I _wanted_ them set to 1, then I could use the knob in rc.conf.  I know I have some complaints about the privacy things being done with MAC address and IPv6 addresses, because I need my IPv6 addresses to be predictable for DNS.  Trying to figure out how to get (1) [information] secure and (2) predictable/repeatable addresses so I can set up forward and reverse DNS has been challenging….

Though, mostly that’s an issue for the client machines on the network, not the router.  The router mostly has hard-set IPv6 addresses, since it is after all, a router. Maybe I was trying to adjust in some way the upstream to my ISP.  There isn’t any SLACC going on on my router at the moment though, I don’t think, so this may be some left-over from my trials and tribulations last year getting the IPv6 allocation from Verizon up and running.

So, no-one knows any reason why these numbers being “2” could mean anything?  If so I’ll pull that out of my config.

          - Chris