Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Help needed setting up IPv6 Privacy Extension

Hi


Some time ago I thought I had enabled Privacy Extensions (aka Privacy Address) for IPv6 on my Snow Leopard mac.


If I use the ifconfig command, after inet6 it lists what looks like an IPv6 address and it has most of my MAC address in it.


So I'm guessing that I haven't set Privacy Extensions up correctly.


Is there any one who could help me?


To enable Privacy Extensions I used nano to create a file called sysctl.conf in /etc/ and in that file using nano I wrote the following:

net.inet6.ip6.use_tempaddr=1


Looking back I think that I may have omitted a key part. According to Sixx.net http://www.sixxs.net/wiki/Privacy it cryptically says to enable privacy extensions:

sysctl -w net.inet6.ip6.use_tempaddr=1


Should I have included the sysctl -w part in my nano edit of my sysctl.conf ?


(And as you'll have gathered I'm not particularly proficient with Terminal or Unix etc)

Posted on Jul 6, 2012 3:53 AM

Reply
11 replies
User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Jul 7, 2012 1:45 AM in response to Linc Davis

Hi Linc


Thats interesting and may well be the explanation. But I have to say I'm very surprised by it. I've seen quite a few recommendations to use systcl.conf on OS X and to think its actually disabled is quite surprising.

How do you check if its being ignored?



A bit of an update re. my initial post.

They way I have privacy extensions set up is correct (excluding your point Linc)


My confusion in my first post stems from the fact that I did it a little while ago and forgot (or never realized) that there are two ways of doing it.


(1) A temporary way for the current login session which is done with

sysctl -w net.inet6.ip6.use_tempaddr=1


(2) A permanent way which is done by creating (or editing your existing) sysctl.conf with the line:

net.inet6.ip6.use_tempaddr=1


I then discovered the sysctl -a command which AFAIK lists the enabled sysctl configuration.


When I ran that command my IPv6 Privacy Extension was included in it. So it would seem my sysctl.conf edit has worked and is recognised by OS X (to some level).


So I'm 90% sure I have it setup the way it should be. I'm just flummoxed as to why ifconfig is still displaying an IPv6 type address with my MAC address in it.


For any one who's interested here are some reference links

http://www.sixxs.net/wiki/OS_X

http://draft.scyphus.co.jp/macosx/snowleopard.html

https://isc.sans.edu//diary.html?storyid=10966

http://arstechnica.com/apple/2012/05/the-future-is-forever-the-state-of-ipv6-in- the-apple-world/2/


There is a final point, is ifconfig actually displaying my IPv6 address or is it some kind of private, internal system IPv6 address (something like loop back?)

Reply
User profile for user: g_wolfman
g_wolfman
User level: Level 4
1,137 points

Jul 7, 2012 9:01 AM in response to cute crow

ifconfig may very well be displaying the "default canonical" modified EUI-64 address derived from the MAC address by stateless autoconfiguration.


It may also not be the IPv6 address being used on your network (assuming you even have an IPv6 address on your network). You may get better results seeing what is actually being used with:


networksetup -getinfo Wi-Fi (or -getinfo Ethernet - depending or how you are connected).

Reply
User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Jul 7, 2012 1:13 PM in response to g_wolfman

Thanks g_wolfman.


I did that and it lists

IPv6: Automatic

IPv6 IP address: none

IPv6 Router: none


And you are correct, at the moment the network I'm on isn't IPv6.


The reason I presumed the ifconfig was my IPv6 was if I've WiFi off on the mac, ifconfig for en1 just list the MAC address but no IP addresses (not IPv4 nor IPv6) but when I enable WIFI then I get my IPv4 address (listed after inet) and IPv6 (listed after inet6). So I presumed it was the IPv6 and I was a bit disappointed to see my MAC address in it.


I don't suppose any one knows a sure fire way of examining your IPv6 address without being on an IPv6 network or failing that can anyone explain what exactly ifconfig is displaying?



A note for anyone following this

networksetup -getinfo Wi-Fi

didn't work for me but this did:

networksetup -getinfo Airport

Reply
User profile for user: g_wolfman
g_wolfman
User level: Level 4
1,137 points

Jul 7, 2012 1:29 PM in response to cute crow

networksetup -listallnetworkservices


Will give you the names of all the services (it will be the same as those listed in the Network System Preference sidebar). Wi-Fi is the default name for WLAN networking on my MBP; perhaps Airport is the default name on an iMac.


The easiest way to see your addresses is via the Network System Preference pane. If you aren't on IPv6, then no information will be displayed beyond the "Configure" drop-down - very similar to the IPv4 section.


As for ifconfig, it generally shows some combination of the following:


Interface Name (lo0, en0, en1, p2p0, etc);

Flags associated with the interface and the MTU (max number of bytes in a frame on the interface);

Options associated with the interface (if there are any);

The ethernet (MAC) address or link-local (lladdr) address of the interface (if there is one, not all interfaces have a hardware address);

The inet6 (IPv6) and inet (IPv4) addresses;

Various other infor; and,

An "active" or "inactive" indicator.


It's often just easier to open the System Preferences application and use the Network preference pane...also, since that is a GUI frontend to the networksetup program, it's closer to the actual utility OS X uses to manage it's interfaces.

Reply
User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Jul 9, 2012 8:38 AM in response to g_wolfman

Yeah, it must be something to do with hardware. My iMac just lists

AirPort

Ethernet

FireWire

Bluetooth PAN




So a little summary of where I stand.


*Can't confirm my IPv6 address cause not on IPv6 network.

*Unsure of what exactly ifcong is actually displaying re IPv6.

*I feel like I've got Privacy Extensions setup correctly, 90% sure, but I'd like to somehow get confirmation.


Must I be on an IPv6 network before I can verify what kind of IPv6 address my mac will generate?



Reply
User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Jul 11, 2012 3:45 AM in response to cute crow

I think the IPv6 that ifconfig is displaying may be a Link-local address. According to Wikipedia a Link Local IPv6 is assigned with the address prefix fe80::/64

My ifcinfig IPv6 does starts with:

fe80::

and after it this text

prefixlen 64


So it looks like a Link-local IPv6 address ???



Wkipedia Link-local url:

https://en.wikipedia.org/w/index.php?title=Link-local_address&oldid=479789318#IP v6

Reply
User profile for user: cute crow
cute crow Author
User level: Level 1
35 points

Jul 11, 2012 9:22 AM in response to g_wolfman

Well now that I know what ifconig's IPv6 address is and given that sysctl -a has shown my Privacy Address has been incorperated by OS X I am pretty sure that I have it setup correctly.


I think your absolutely right that the only way to 100% confirm it is to wait until I'm on an IPv6 network.


But with what I have learned so far I am very happy 🙂


Thanks a million for your help g_wolfman and Linc Davis. Much appreciated.


Cheers.

Reply

Help needed setting up IPv6 Privacy Extension

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up