@rickminer There are two issues here: "random interface identifiers" [RFC 4941 sec 3.2] and "temporary" (privacy) addresses [RFC 4941 sec 3.3].
Servers and desktops are physically static, and so there is no difference in their trackability whether they use static MAC-based IPv6 addresses, or static "random interface identifiers" (sec 3.2).
As a network manager, it is easier for me if I can directly map IPv6 address <-> MAC address <-> hostname, rather than having to discover and record another attribute for everything on the network.
I already have MAC address <-> hostname for IPv4 DHCP.
As a network manager, I can definitely say I prefer static machines to have static non-temporary addresses.
It is just so much extra work to discover and track new temporary addresses (sec 3.3) that appear every day and which last for 2 days -- there is no network event that you can log to record when a host decides to create a new temporary address.
If we didn't record all temporary addresses, then *IF* we were to get a copyright violation notice for a temporary IPv6 address, could we just say, "sorry that was on a temporary address, we don't know what computer that was"? Or if there was a DOS or ssh attack, wouldn't it be a really good idea to be able to work out which machine was responsible? Should I push all these temporary addresses into reverse DNS, or store in a separate database that will need extra tools to interrogate?
==
Mobile machines are more susceptible to being traced as they move around the Internet if they use the same identifier.
As before, if they always keep the same identifier then there is no difference in trackability if they use a MAC-based address v. a random address (sec 3.2).
As before, if a machine is on my network, I do want to be able to track its actions, to know which machine is which. So, no random or temporary addresses for me please.
netsh interface ipv6 set privacy state=disabled
netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent
There is other stuff that happens if you log in to AD, group policies etc etc
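The direct IPv6 address to MAC address to hostname mapping described in the comment above, as an added example that is not part of the original comment: it recovers the MAC from a modified EUI-64 interface identifier and flags addresses whose identifier is random or temporary and so cannot be attributed this way. The prefix (from the 2001:db8::/32 documentation range), MAC addresses, hostnames and function names are constructed for illustration.

```python
import ipaddress

def mac_to_eui64_address(prefix, mac):
    """Build the MAC-based (modified EUI-64) address for a MAC in a /64 prefix."""
    net = ipaddress.IPv6Network(prefix)
    octets = bytearray(int(x, 16) for x in mac.replace("-", ":").split(":"))
    if net.prefixlen != 64 or len(octets) != 6:
        raise ValueError("need a /64 prefix and a 48-bit MAC")
    octets[0] ^= 0x02  # invert the universal/local bit
    iid = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return net.network_address + int.from_bytes(iid, "big")

def eui64_address_to_mac(addr):
    """Return the MAC embedded in the address, or None if the interface
    identifier is not EUI-64 (random identifier or temporary address)."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    # A random identifier matches ff:fe here by chance about once in 65536,
    # so treat a hit as a lead to confirm against the inventory.
    if iid[3:5] != b"\xff\xfe":
        return None
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
    return ":".join(f"{b:02x}" for b in mac)

def attribute(addresses, inventory):
    """Map observed source addresses to hostnames via a MAC -> hostname table."""
    result = {}
    for addr in addresses:
        mac = eui64_address_to_mac(addr)
        if mac is None:
            result[addr] = "unattributable (random/temporary identifier)"
        else:
            result[addr] = inventory.get(mac, "unknown MAC " + mac)
    return result

# Constructed inventory, as already kept for IPv4 DHCP (MAC -> hostname).
INVENTORY = {"00:1a:2b:3c:4d:5e": "fileserver01"}

# Constructed source addresses as they might appear in a firewall log.
OBSERVED = [
    "2001:db8:0:1:21a:2bff:fe3c:4d5e",   # MAC-based, host in inventory
    "2001:db8:0:1:d4c1:7e09:a3b2:5f10",  # temporary address
]

if __name__ == "__main__":
    for addr, host in attribute(OBSERVED, INVENTORY).items():
        print(addr, "->", host)
```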