IPB198: IPv6 Privacy and Temporary Addresses

The Everything Feed - All Packet Pushers Pods21mApril 16, 2026

Get the full intelligence

Search transcripts, export clips, track mentions, and explore all topics from “IPB198: IPv6 Privacy and Temporary Addresses” inside PodZeus.

Search in PodZeusStart Free Trial
AI-Generated Summary

This episode of The Everything Feed's IPv6 Buzz dives into the critical yet often misunderstood topic of IPv6 privacy and temporary addresses. Hosts Ed Horley, Nick Baraglio, and Tom Coffeen explore how client devices generate IPv6 addresses, focusing on the trade-offs between privacy, predictability, and network performance. They explain the difference between permanent privacy addresses—randomly generated but stable for DNS and internal network services—and temporary privacy addresses, which are periodically rotated to hinder tracking. The discussion highlights that these features are client-side, not network-controlled, and vary across operating systems like Windows, macOS, and Linux. The hosts also address operational challenges, such as resource exhaustion on access switches due to multiple addresses per device, and emphasize that while privacy extensions don't eliminate tracking entirely, they add a layer of obscurity. They conclude with practical advice: avoid EUI-64 for client devices in favor of DHCPv6 or privacy-based address assignment to reduce exposure of hardware identifiers.

Key Takeaways
1

Use privacy extensions and temporary addresses on client devices to obscure MAC-based tracking, especially on public or untrusted networks.

2

Permanent privacy addresses should remain stable for internal services like DNS and group policy, while temporary addresses should be rotated regularly (default: 8 hours) to enhance privacy.

3

Avoid EUI-64 for client devices unless necessary, as it exposes the underlying MAC address and undermines privacy.

4

Temporary addresses are client-side only—network administrators cannot enforce their behavior via RA or DHCPv6; control must come from OS-level policies.

5

Be aware of resource consumption: multiple IPv6 addresses per device can strain ARP/ND tables and switch memory, especially on constrained access layer hardware.

Chapters
0:00
2 min

Introduction to IPv6 Privacy and Temporary Addresses

The hosts introduce the topic of IPv6 privacy and temporary addresses, explaining why this foundational but often overlooked aspect of host address provisioning is critical for client device security and tracking prevention.

2:00
4 min

Interface Identifiers and EUI-64: The Privacy Problem

If you see that FFFE in the middle, probably dealing with EUI-64 in the middle of the address. Unless you've let Ed manually configure addresses on your network and then he'll insert FFFE into your manually configured address to make you think it's a EUI-64.

Highlight
6:00
6 min

Permanent vs. Temporary Privacy Addresses

I've got a permanent privacy address, and I've got a temporary privacy address. The permanent one stays consistent for DNS and internal reachability. The temporary one is disposable—used for external connections and discarded after a few hours.

Highlight
12:00
6 min

Client-Side Control and Operational Challenges

You could have just like an absolutely staggering amount of privacy addresses because I'm at a station of 30 different things. You're one of the bad actors, Nick.

Highlight
18:00
3 min

Best Practices and Final Thoughts

The hosts conclude with recommendations: prefer DHCPv6 over EUI-64 for client devices, use privacy extensions, and understand that temporary address duration is configurable but not network-enforced. They stress that privacy is a trade-off, not a complete solution.

High-Impact Quotes
I've got a permanent privacy address, and I've got a temporary privacy address. The permanent one stays consistent for DNS and internal reachability. The temporary one is disposable—used for external connections and discarded after a few hours.
Tom Coffeen8:00
Viral: 80.0
You could have just like an absolutely staggering amount of privacy addresses because I'm at a station of 30 different things. You're one of the bad actors, Nick.
Tom Coffeen11:52
Viral: 75.0
It's not like the network gets to determine or set a flag that tells the client device what the duration of time is.
Nick Baraglio19:32
Viral: 72.0
Speakers

Hosts

Ed HorleyNick BaraglioTom Coffeen
Topics Discussed
IPv6 Privacy Extensions95%Temporary Addresses90%EUI-64 Interface Identifiers85%Client-Side Address Configuration80%Network Performance and Resource Consumption75%Enterprise IPv6 Deployment70%DNS and Host Identification65%Operating System Differences60%
People & Brands

IPv6

other

15xPositive

Nick Baraglio

person

10xNeutral

Tom Coffeen

person

8xNeutral

SLAAC

other

6xNeutral

Ed Horley

person

6xNeutral

MAC Address

other

5xNeutral

DHCPv6

other

5xPositive

Packet Pushers

organization

4xPositive

Windows 11

product

3xPositive

IPv4

other

3xNeutral
Related Episodes

PP103: FireMon Brings Clarity to Firewall Rule Chaos (Sponsored)

The Everything Feed - All Packet Pushers Pods56m • 3/31/2026

HW074: Build Your Own Access Point with Bradley Wegner

The Everything Feed - All Packet Pushers Pods26m • 3/31/2026

NAN118: The Importance of the Data Behind AI in Networks (Sponsored)

The Everything Feed - All Packet Pushers Pods43m • 4/1/2026

D2DO299: The State of Platform Engineering and DevEx

The Everything Feed - All Packet Pushers Pods43m • 4/1/2026

N4N052: Multicast Part 2

The Everything Feed - All Packet Pushers Pods1h 25m • 4/2/2026

Get the full intelligence

Search transcripts, export clips, track mentions, and explore all topics from “IPB198: IPv6 Privacy and Temporary Addresses” inside PodZeus.

Search in PodZeusStart Free Trial

Start discovering podcast insights today

Start with a 7-day trial and explore a growing catalog of popular podcasts. No credit card required.

Start free trial

Try live search

No credit card required • 7-day trial • Cancel anytime