trvr | 2 years ago

Can you expand on the "All modern clients randomise the host part of the address" statement? Do they randomize this host part for every session or just once per network?

I've always been under the impression that it is actually easier to track an individual user on IPv6 because each device now has a unique address. Example Company could now tell the difference between 2 users in a home, for example, instead of just a single NAT'd IPv4 address. Is that not true?

ianburrell|2 years ago

An IPv6 host can change its address as much as it wants. In fact, it can have as many addresses as it wants. It could use a different address for every outgoing connection. Nothing goes that far.

Most modern OSes change IPv6 every hour to once per day. The result is that any tracker can't tell if two IPv6 addresses in the same subnet are two hosts or one that changed its address.

burnerthrow008|2 years ago

> Can you expand on the "All modern clients randomise the host part of the address" statement? Do they randomize this host part for every session or just once per network?

In practice, most OSes generate a new address once per day, but more significantly, it is completely normal for an IPv6 host to have multiple addresses per interface at the same time. In fact, it is effectively mandatory to have at least two:

First, you must have a link-local address (fe80::/10), which is non-routable. This is required for SLAAC and DHCPv6 to work. Second, if you want to talk to the rest of internet, you need a routable address (from SLAAC or DHCPv6).

In practice, it's even more than that:

The computer I'm writing this on currently has 12 IPv6 addresses on one ethernet interface. Besides the link-local address, it has a bunch of routable addresses on the prefix delegated by my ISP. All but one of the routable are "deprecated" which means that they won't be used for new outgoing connections, but remain active for existing connections.

So not only do you get a new randomized address every 24 hours, you may have an arbitrary number of randomized addresses active at any given time.

There's nothing stopping a privacy-focused Linux distro from generating a new address for every outgoing connection, and having them all active at once.
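An added example, not part of the thread: a small audit of what the routable addresses on one interface reveal to an outside observer. It goes slightly beyond the comments above by also flagging interface identifiers in the modified EUI-64 format (RFC 4291), which embed the MAC address and stay the same on every network. The function names and the sample addresses (built from the 2001:db8::/32 documentation prefix) are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: one link-local, one MAC-derived, two randomized addresses.
SAMPLE = [
    "fe80::211:22ff:fe33:4455",
    "2001:db8:1:2:211:22ff:fe33:4455",
    "2001:db8:1:2:9c4e:1a7b:3d2:88f1",
    "2001:db8:1:2:5d10:77aa:c3e4:b19",
]

def classify(addr):
    """Return (scope, /64 prefix, embedded MAC or None) for one address."""
    ip = ipaddress.IPv6Address(addr)
    # Simplification for this example: anything outside fe80::/10 is "routable".
    scope = "link-local" if ip.is_link_local else "routable"
    prefix = ipaddress.IPv6Network((int(ip) >> 64 << 64, 64))
    iid = (int(ip) & (2**64 - 1)).to_bytes(8, "big")  # host part, low 64 bits
    mac = None
    # Modified EUI-64 puts ff:fe in the middle of the host part and flips the
    # universal/local bit of the first MAC byte. A random host part matches
    # this pattern by chance about once in 65536 addresses.
    if iid[3:5] == b"\xff\xfe":
        raw = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]
        mac = ":".join(f"{b:02x}" for b in raw)
    return scope, str(prefix), mac

def audit(addresses):
    """Group routable addresses by /64 and collect any MACs they expose."""
    report = defaultdict(lambda: {"addresses": 0, "mac_leaks": set()})
    for a in addresses:
        scope, prefix, mac = classify(a)
        if scope != "routable":
            continue  # link-local addresses never leave the local link
        report[prefix]["addresses"] += 1
        if mac:
            report[prefix]["mac_leaks"].add(mac)
    return dict(report)

if __name__ == "__main__":
    for prefix, info in audit(SAMPLE).items():
        print(prefix, info["addresses"], "addresses,",
              "MACs exposed:", sorted(info["mac_leaks"]) or "none")
```

An observer sees three host parts in one /64 and cannot tell from the randomized ones how many devices are behind them; only the MAC-derived address is a stable per-device identifier.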

ikekkdcjkfke|2 years ago

How do the switches handle potentially that many addresses?

arccy|2 years ago

You get a randomized address for the network, but then also temporary addresses that are cycled on reboot / netstack restarts for outgoing connections.