[ipv6hackers] RFC7217 in Mac OS? (Fwd: "secured" IPv6 addresses)
Fernando Gont
fgont at si6networks.com
Mon Aug 29 16:18:25 CEST 2016
Folks,
Can anyone confirm that this is the result of implementing RFC7217?
(This would be good news, btw).
Thanks!
Cheers,
Fernando
-------- Forwarded Message --------
Subject: "secured" IPv6 addresses
Date: Sun, 28 Aug 2016 20:59:20 +0200
From: Iljitsch van Beijnum <iljitsch at muada.com>
To: ipv6-dev at lists.apple.com
Hi all,
I've installed the most recent public beta, and I see something interesting:
en4: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=10b<RXCSUM,TXCSUM,VLAN_HWTAGGING,AV>
ether 40:6c:8f:32:4b:c3 inet6
fe80::8f:b474:a9dc:4174%en4 prefixlen 64 secured scopeid 0x9
inet 192.168.178.20 netmask 0xffffff00 broadcast 192.168.178.255
inet6 2001:470:1f15:8b5:df:900f:a6a3:715c prefixlen 64 autoconf
secured inet6 2001:470:1f15:8b5:f54c:e5dc:fb28:ddca prefixlen 64
autoconf temporary nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT
<full-duplex,flow-control,energy-efficient-ethernet>)
status: active
Previously, the link local address as well as the stateless autoconfig
non-temporary address were derived from the Ethernet MAC address. That
is no longer the case, the system now seems to create persistent link
local and stateless autoconfig addresses that are not directly derived
from the MAC address. I believe Windows also does this.
These addresses survive reboots but not a clean reinstall of the system.
I can't find any documentation on how this works, though. Is there an
RFC or something else that describes these secured addresses? How are
they generated?
More information about the Ipv6hackers
mailing list