IPv6 Privacy Extensions

I was browsing the Arch Wiki and came across this: IPv6 - ArchWiki. Is this something to be enabled? Also, on this forum, I have seen a few users say that IPv6 is not privacy protecting, is this true and if so why?

1 Like

Without IPv6 privacy protection, a device (network interface) MAC address can be extracted from its IPv6 address and (by prepending the network prefix) vice-versa. An IPv6 address is a 64-bit network prefix concatenated with a 64-bit interface identifier. My understanding is the latter has 48 free bits that bijectively maps to a 48-bit MAC address.

These pages further explain the conversion:

Consequently, assuming MAC addresses are unique and the IPv6 address is formed from the MAC address, all the device’s internet activities can be traced to that device, even if the device switches internet hotspots.

My understanding is IPv6 privacy protection is supposed to protect against this (and maybe more). I don’t know exactly how IPv6 privacy extensions work, maybe it makes the interface identifier random?


Well, the same way you can say sth like: “Feature X/Y is not privacy protyecting”; may be true, may be false, thats not the point here.

Truth here is that degree of privacy equally depends on ability of admin/root user to set it up with privacy in mind.

1 Like