In my view this is NOT a software bug, its an OS bug. Here's a completely different why this causes problems.
We use Ubuntu UEC images. There are no meaningful privacy considerations here because we generate both the MAC address and the IP address of the servers concerned. IE, if the machine is mobile and changes IP address, it changes MAC address too. We build firewall rules automatically for the machine. These are applied outside of the machine (on the router). In order to write the rules correctly, we need to know the IPv6 address the machine will have, and use EUI-64 addressing to do this. Equally, for the server to get metadata on a boot, both the IP address needs to be correct (and no, that's not the only thing that is checked). On UEC randomisation of addresses thus prevents getting metadata over IPv6. This is only 'not a killer problem' as most people have IPv4 too. In a server environment (particularly on cloud images) there is no need whatsoever to have RFC4941 turned on by default. As Brian Candler wrote, the RFC says this should be disabled by default. It also says: Devices implementing this specification MUST provide a way for the end user to explicitly enable or disable the use of temporary addresses. In addition, a site might wish to disable the use of temporary addresses in order to simplify network debugging and operations. Consequently, implementations SHOULD provide a way for trusted system administrators to enable or disable the use of temporary addresses. On a cloud image, the user can't even administer his own machine until it has booted, which in a full IPv6 environment requires it to get metadata. For the reasons above, this prevents that from working. Therefore at least on UEC images, RFC4941 should be turned off by default and EUI-64 addresses only should be used. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1068756 Title: IPv6 Privacy Extensions enabled on Ubuntu Server by default To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1068756/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
