Multiple IPv6 addresses being assigned to single interface

Steven Copestake asked:

I’m configuring a DHCP scope for IPv6, however all my clients are getting 2 or more IPv6 addresses assigned to the interface.

I’m using fda8:6c3:ce53:a890:/64 as the prefix. The scope is on a machine running Windows Server 2008 R2 however I’m looking to roll it out on Server 2012 as well.

My clients are getting the following:

IPv6 Address. . . . . . . . . . . : 1024::1492:9288:7357:7d30(Preferred)
IPv6 Address. . . . . . . . . . . : fda8:6c3:ce53:a890::1(Preferred)
IPv6 Address. . . . . . . . . . . : fda8:6c3:ce53:a890:1492:9288:7357:7d30(Pr
rred)
Link-local IPv6 Address . . . . . : fe80::1492:9288:7357:7d30%10(Preferred)

In this example there’s no DHCP scope and the machine has a static IP of fda8:6c3:ce53:a890::1. With this in mind where are the 1024 address and the fda8:6c3:ce53:a890:1492:9288:7357:7d30 address coming from?

My answer:


The extra addresses look to me like privacy addresses, which really should be disabled in any sort of business environment. Try disabling IPv6 privacy addresses:

netsh interface ipv6 set privacy state=disabled store=active
netsh interface ipv6 set privacy state=disabled store=persistent
netsh interface ipv6 set global randomizeidentifiers=disabled store=active
netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent

This configuration change requires a restart.

Unfortunately, there are no Group Policy objects that I’m aware of to make this change, which is a serious oversight on Microsoft’s part.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.