On Tue, Dec 28, 2021 at 12:35:07PM +0100, Mike Fischer wrote:
| So I guess the only way to get a stable IID with dynamic prefixes is
| to use the eui64 method? (Which is based on the MAC-address and
| leaks information.)
What information leak are you afraid of? Someone else knowing the
MAC-address of your system? You can fix that by changing the MAC
address of your interface (see the lladdr option in the ifconfig(8)
manpage at http://man.openbsd.org/ifconfig#lladdr for details)
Then you leak your "self chosen" MAC address - up to you to decide if
that's still a concern (but note that it's not really different from
"leaking" your IPv6 address in that case).
| My options for running an OpenBSD server using IPv6 thus seem to be:
| - Find a provider with static public IPv6 addresses (prefixes)
That would work, but means you have to change providers - is that
really what you want? Could be a good message to your current ISP to
step up their IPv6 game.
| - Use dynamic IPv6 addresses (prefixes) and eui64 IIDs
Seems like the simplest way, especially using the lladdr option.
| - Use an IPv6 tunnel broker like tunnelbroker.net to tunnel a static
| IPv6 address (prefix) through IPv4 (6in4 tunnel)
Seems less useful / efficient, if your provider offers native IPv6.
Paul
--
>++++++++[<++++++++++>-]<+++++++.>+++[<------>-]<.>+++[<+
+++++++++++>-]<.>++[<------------>-]<+.--------------.[-]
http://www.weirdnet.nl/
No comments:
Post a Comment