undefined | Better HN

0 pointsrkagerer2mo ago0 comments

Thanks, that's a helpful comparison. You've shown a fixed prefix 3 hextets (48 bits) in length - is that the most common convention these days?

And has the practice of generating portions of the address from your MAC address been universally (or at least mostly) abandoned?

0 comments

1 comments · 1 top-level

Dagger22mo ago

The most common is more like /56, which is unfortunate because it means you have to deal with "2001:db8:2d4f:61XX::". It's still easy enough to read the subnet out of :6101:, :6102:, :6103: etc, but it does mean every address is longer :(

> And has the practice of generating portions of the address from your MAC address been universally (or at least mostly) abandoned?

Somewhere around mostly. Windows, OSX, and network-manager/dhcpcd/systemd-networkd on Linux all enable RFC7217 (uses a hash of your MAC and a secret value), temporary addresses (random addresses used for outbound connections) or both by default. Either of these will prevent people from seeing your MAC when you connect to them.

I'm not sure about mobile devices. I'd expect temporary addresses there, but also MAC randomization is a thing these days which would do the job too.

Notably absent from that list is Linux's in-kernel SLAAC client. Client-oriented distros often enable tempaddrs by default (or they install one of the network daemons that does it), but server-oriented distros tend not to.

j / k navigate · click thread line to collapse