[LEDE-DEV] [PATCH odhcpd] dhcpv6-ia: add option for dhcpv6 privacy address
Bjørn Mork
bjorn at mork.no
Fri Mar 10 05:06:31 PST 2017
Eric Luehrsen <ericluehrsen at hotmail.com> writes:
> IP6 SLAAC plus privacy is common. DHCPv6 should be able to provide
> the same funciton. This way central IT can maintain integrity and
> traceability. However, individual machines will not be easily
> placed into a pattern over time by external snooping.
This looks wrong. The "NA" in IA_NA means "non-temporary addresses".
You cannot change that without breaking client expectations.
You should implement IA_TA if you want DHCPv6 privacy addresses. See
section 12 of RFC 3315 (which is referred to by RFC 4941).
Bjørn
More information about the Lede-dev
mailing list