Am 02.02.2024 schrieb Ralph Aichinger <r...@h5.or.at>: > In my quest to advance the IPv6 preparedness of my home LAN I want to > find a solution to use IP tokens on all my clients. IP tokens (keeping > the host part of the IPv6 address static while getting the subnet part > by SLAAC) seem very elegant to me, because it avoids DHCPv6 > completely, and still makes mostly working DNS records possible. > > Opinions on SLAAC+IP tokens are welcome ;)
The process of the automatic generation is called SLAAC, regardless of the identifier being used. In the past the default was to use EUI-64 and have the MAC address in the address. If that is suitable for you (privacy!), use that. > One of my clients is a surface laptop running Debian sid, Gnome, > NetworkManager and getting connection via WiFi. The first hickup with > this is, that seemingly ra is disabled on my NetworkManager configured > device wl0: > > root@surface:~# ip token set ::5fac dev wl0 > Error: ipv6: Router advertisement is disabled on device. > > This can easily corrected with > > echo 1 > /proc/sys/net/ipv6/conf/wl0/accept_ra > > But: Is this a misconfiguration on my machine, or to be expected, when > using NetworkManager? I am using the following settings in the GUI: > IPv5: "Disable", IPv6 "Automatic". Do I risk messing up other stuff by > manually setting this eg. with the help of /etc/sysctl.conf? Use the NetworkManager to configure that. Automatic means using SLAAC (if available in the RA) and DHCPv6 (if available in the RA). > But what is the correct way to do this "ip token set" with > NetworkManager (or in spite of NetworkManager ;)? # nmcli c mod enp4s0 ipv6.addr-gen-mode eui64 # nmcli c mod enp4s0 ipv6.token ::deca:fbad:c0:ffee You need EUI-64 for that. Disable the Privacy extensions completely if you don't like an ADDITIONAL address with a randomly generated interface identifier that changes time to time.
