<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Le 13/10/2012 09:51, Laurent GUERBY a
écrit :<br>
</div>
<blockquote cite="mid:1350114702.8695.237.camel@pc2" type="cite">
<pre wrap="">
Une question pour les spécialistes : est-ce qu'au niveau
de la configuration serveur RA/DHCPv6 on peut "forcer"
les utilisateurs a ne pas reveler leur MAC ?
</pre>
</blockquote>
Salut Laurent.<br>
<br>
Une partie de la réponse a été apportée dans cette article en
anglais. Surement puis-je apporter une traduction pour le wiki :<br>
<a class="moz-txt-link-freetext" href="http://superuser.com/questions/243669/how-to-avoid-exposing-my-mac-address-when-using-ipv6">http://superuser.com/questions/243669/how-to-avoid-exposing-my-mac-address-when-using-ipv6</a><br>
<br>
DHCPv6 et SLAAC se servent des adresses MAC client sous forme
EUI-64, mais on peut outrepasser cela.<br>
Il ne s'agit pas ici d'une configuration coté serveur mais côté
client.<br>
Chaque client doit avoir l'option "privacy" activée pour refuser de
transmettre son EUI-64 et choisir un système d'adresses temporaires.<br>
<br>
Vous trouverez ci-dessous l'article en question.<br>
Cordialement,<br>
Solarus<br>
_________________________________________________________<br>
<p>This is what IPv6 <a href="http://tools.ietf.org/html/rfc3041">Privacy
Addressing</a> is for. When enabled, the system will generate a
temporary address with a random suffix in addition to the
EUI-64-based address.</p>
<ul>
<li>
<p><strong>Windows</strong> (starting with XP SP2) – enabled by
default in XP, Vista, 7:</p>
<pre><code>netsh interface ipv6 set privacy state=enabled
</code></pre>
</li>
<li>
<p><strong>Linux</strong>:</p>
<p>To enable temporary addresses and make them preferred for
outgoing connections:</p>
<pre><code>sysctl net.ipv6.conf.all.use_tempaddr=2
sysctl net.ipv6.conf.default.use_tempaddr=2
</code></pre>
<p>To enable temporary address generation, but keep the old
(Autoconf) address as preferred:</p>
<pre><code>sysctl net.ipv6.conf.all.use_tempaddr=1
sysctl net.ipv6.conf.default.use_tempaddr=1
</code></pre>
<p>The <code>all</code> or <code>default</code> part can be
replaced with a specific interface name; e.g. <code>net.ipv6.conf.eth0.use_tempaddr</code>.</p>
<p><em>(I used <code>ip link set eth0 down && ip link
set eth0 up</code> to force an address assignment, but you
can just wait a minute for the next periodic Router
Advertisement.)</em></p>
</li>
<li>
<p><strong>Mac OS X</strong> – enabled by default since OS X
10.7 Lion:</p>
<pre><code>sysctl -w net.inet6.ip6.use_tempaddr=1
</code></pre>
<p>Temporary addresses, if enabled, will be preferred.</p>
</li>
<li>
<p><strong>FreeBSD</strong>:</p>
<pre><code>sysctl net.inet6.ip6.use_tempaddr=1
sysctl net.inet6.ip6.prefer_tempaddr=1
</code></pre>
</li>
<li>
<p><strong>NetBSD</strong>:</p>
<pre><code>sysctl -w net.inet6.ip6.use_tempaddr=1
</code></pre>
<p>Temporary addresses preference? I have no idea. The autoconf
address seems to be preferred. <code>ifconfig</code> doesn't
appear to list any address properties.</p>
</li>
</ul>
<p>Notes on configuration:</p>
<ul>
<li>
<p><strong>On Linux, OS X, and all BSDs, edit <code>/etc/sysctl.conf</code>
to make the setting permanent.</strong></p>
</li>
<li>
<p>On Windows, the changes will persist automatically.</p>
<p><em>(Append <code>store=active</code> to the <code>netsh</code>
command if you want it to only last until reboot.)</em></p>
</li>
</ul>
Le problème de certaines de ces solutions étant d'utiliser des
adresses temporaires, ce qui n'a pas tellement d'utilité en IPv6, à
part pour cette problématique de vie privée.<br>
<br>
________________________________________________________<br>
<p>This is what IPv6 <a href="http://tools.ietf.org/html/rfc3041">Privacy
Addressing</a> is for. When enabled, the system will generate a
temporary address with a random suffix in addition to the
EUI-64-based address.</p>
<ul>
<li>
<p><strong>Windows</strong> (starting with XP SP2) – enabled by
default in XP, Vista, 7:</p>
<pre><code>netsh interface ipv6 set privacy state=enabled
</code></pre>
</li>
<li>
<p><strong>Linux</strong>:</p>
<p>To enable temporary addresses and make them preferred for
outgoing connections:</p>
<pre><code>sysctl net.ipv6.conf.all.use_tempaddr=2
sysctl net.ipv6.conf.default.use_tempaddr=2
</code></pre>
<p>To enable temporary address generation, but keep the old
(Autoconf) address as preferred:</p>
<pre><code>sysctl net.ipv6.conf.all.use_tempaddr=1
sysctl net.ipv6.conf.default.use_tempaddr=1
</code></pre>
<p>The <code>all</code> or <code>default</code> part can be
replaced with a specific interface name; e.g. <code>net.ipv6.conf.eth0.use_tempaddr</code>.</p>
<p><em>(I used <code>ip link set eth0 down && ip link
set eth0 up</code> to force an address assignment, but you
can just wait a minute for the next periodic Router
Advertisement.)</em></p>
</li>
<li>
<p><strong>Mac OS X</strong> – enabled by default since OS X
10.7 Lion:</p>
<pre><code>sysctl -w net.inet6.ip6.use_tempaddr=1
</code></pre>
<p>Temporary addresses, if enabled, will be preferred.</p>
</li>
<li>
<p><strong>FreeBSD</strong>:</p>
<pre><code>sysctl net.inet6.ip6.use_tempaddr=1
sysctl net.inet6.ip6.prefer_tempaddr=1
</code></pre>
</li>
<li>
<p><strong>NetBSD</strong>:</p>
<pre><code>sysctl -w net.inet6.ip6.use_tempaddr=1
</code></pre>
<p>Temporary addresses preference? I have no idea. The autoconf
address seems to be preferred. <code>ifconfig</code> doesn't
appear to list any address properties.</p>
</li>
</ul>
<p>Notes on configuration:</p>
<ul>
<li>
<p><strong>On Linux, OS X, and all BSDs, edit <code>/etc/sysctl.conf</code>
to make the setting permanent.</strong></p>
</li>
<li>
<p>On Windows, the changes will persist automatically.</p>
<p><em>(Append <code>store=active</code> to the <code>netsh</code>
command if you want it to only last until reboot.)</em></p>
</li>
</ul>
<br>
</body>
</html>