Re: RFC4941 IPv6 privacy knobs and how to set them

In reply to: Chris Ross : "RFC4941 IPv6 privacy knobs and how to set them"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Jamie Landeg-Jones <jamie_at_catflap.org>
Date: Wed, 02 Apr 2025 00:47:19 UTC

Chris Ross <cross+freebsd@distal.com> wrote:

> Is there documentation about what these variables mean, and if “2” is
> a useful value different than “1”?  If so, how are they different?

Hi, Chris. From: /usr/share/doc/IPv6/IMPLEMENTATION :

 | As documented in the source address selection document, temporary
 | addresses for privacy extension are less preferred to public addresses
 | by default.  However, for administrators who are particularly aware of
 | the privacy, there is a system-wide sysctl(3) variable
 | "net.inet6.ip6.prefer_tempaddr".  When the variable is set to
 | non-zero, the kernel will rather prefer temporary addresses.  The
 | default value of this variable is 0.

Additionally, the files in /usr/src/sys/netinet6/ treat the value as
a boolean, so it appears that in this case, 2 isn't twice as private
as 1 :-)

Cheers, Jamie