ccie blog

Windows Temporary Address (IPv6)

I’ve been playing with stateless autoconfiguration and couldn’t understand why my Windows 7 PC wasn’t generating a eui-64 address, and appending it to the /64 prefix advertised by my router. After some digging around on the internet, I found out it’s because Windows made some effort to improve your privacy on the internet. Because your mac never changes, your computer is always gonna be the same global IPv6 address. So you’re internet usage can be tracked.

So what happens is Windows generates a random number for the interface & hashes it (this value is stored in a history file). The hashed value is then appended to the /64 prefix from the router, and this is your global unicast address. Once the lifetime of the address expires, it takes that next value in the history file and hashes it again. Again, it appends it to the /64 from the router, and becomes the new IPv6 address.

Here is what my current address looks like.

 

As you can see, there’s no FFFE in the middle of the last 64 bits of that temporary address (which is the address you will be using on the internet). So no EUI-64 conversion is being done. This might be very inconvenient if you’re running a web server because you don’t want to constantly be changing DNS records to point to the new IPv6 address. So to disable this feature, run a cmd prompt and bang in the following commands:

netsh interface ipv6 set global randomizeidentifiers=disabled
netsh interface ipv6 set privacy state=disabled

This enables you to use a static, global eui-64 IPv6 address. My PC’s address now looks like this:

As you can see, the temporary address field has now been removed.

1 Comment

Claudemir MartinsNovember 29th, 2012 at 3:24 pm

Very interesting, thank you for sharing the information !

Leave a comment

Your comment