You are not logged in.
- Topics: Active | Unanswered
#1 2022-01-08 10:01:34
- GaaH2
- Member
- Registered: 2022-01-08
- Posts: 3
[SOLVED] Disable ip-6 privacy in NeworkManager
Hi guys,
I’m self-hosting a few services and I would like to be able to connect to them using ipv6. I am using NetworkManager, which gives me an dynamic ipv6 address. I suppose this is because of privacy concerns, so I tried disablinge everything that is tied to ip6 privacy. So, I added the following lines in my config file:
[connection]
ipv6.addr-gen-mode=eui64
ipv6.ip6-privacy=0I though it would be sufficient, but no. NetworkManager is still giving me dynamic ipv6 addresses, which is very inconvenient for my use case, since I need to update my DNS everytime I have a new address.
I don’t remember having this issue (well, it is not really an issue in the general case) when I was using netctl, so I will probably switch to netctl if I don’t find a solution, but, for some reasons, I’d like to stick with NetworkManager.
What did I do wrong?
Last edited by GaaH2 (2022-01-12 09:50:33)
Offline
#2 2022-01-08 10:13:38
- Raynman
- Member
- Registered: 2011-10-22
- Posts: 1,539
Re: [SOLVED] Disable ip-6 privacy in NeworkManager
https://man.archlinux.org/man/NetworkMa … ON_SECTION
Looks like you need to edit the existing connection profile instead of (or in addition to) the defaults.
Offline
#3 2022-01-08 10:45:14
- GaaH2
- Member
- Registered: 2022-01-08
- Posts: 3
Re: [SOLVED] Disable ip-6 privacy in NeworkManager
What? If I understand correctly, you have to set a bunch of default parameters, then you need to explicitely tell in the connections profiles to use the defaults in the config file instead of the NetworkManagers’ defaults value? This is extremely confusing… Anyway, actually I started by editing the per-connection settings, but because it didn’t work, I moved the settings to the global configuration file (in this case /etc/NetworkManager/conf.d/ip6-privacy.conf).
So, I typed
nmcli connection modify 'Connexion filaire 1' ipv6.ip6-privacy 0 ipv6.addr-gen-mode eui64which (re)created the file /etc/NetworkManager/system-connections/'Connexion filaire 1.nmconnection'. I reloaded NetworkManager and restarted my computer, but
ip addrstill gives me
inet6 my-ip-addr/64 scope global dynamic noprefixroute.
EDIT: That being said, my ip address has ff::fe, which suggests that autoconfiguration has been done as I intended. Maybe I’m missunderstanding the dynamic tag given by ip addr?
Last edited by GaaH2 (2022-01-08 11:04:34)
Offline
#4 2022-01-08 11:46:09
- progandy
- Member
- Registered: 2012-05-17
- Posts: 5,279
Re: [SOLVED] Disable ip-6 privacy in NeworkManager
The dynamic tag says nothing about the privacy extensions. It is used because the IP is dynamically generated from a local part (e.g. EUID) and the prefix received from the router.
If the second half of the IPv6 is mostly identical to the mac address, then you have the fixed ip that only changes when the router gives you a new prefix.
The local part created by ipv6.addr-gen-mode=private should also be stable and always the same as long as you connect to the same network. It only changes when the network is different.
Last edited by progandy (2022-01-08 11:47:47)
| alias CUTF='LANG=en_XX.UTF-8@POSIX ' |
Online
#5 2022-01-08 12:02:00
- GaaH2
- Member
- Registered: 2022-01-08
- Posts: 3
Re: [SOLVED] Disable ip-6 privacy in NeworkManager
Thank you to both of you.
So, I guess that my problem is solved, if my address is still changing I’ll update this post.
One last question: is there, in this case, any reason to switch to stable-privacy? The benefits seems obvious to me when the computer use several networks, such as, typically, a laptop. But here, my computer is a home server that will not use other networks, except if decide to change my ISP.
Offline