[jeroenhd]

> A transition from IPV4 to IPV6 creates a new per device tracking capability that leaks internal network structure.

I doubt it. Your load balancers will be the only addresses that will be addressable anyway. Your IPv4 load balancers will also be "leaking" IP addresses.

[wmf]

You're thinking of the server side, not clients.

[jeroenhd]

Clients that aren't misconfigured will use random IPv6 addresses that rotate. The usual default is once per day but that's a mere preference, you can make your computer take a new IP every minute if you want.

[wmf]

You can still see subnets though which was the original point.

[jeroenhd]

With many ISPs handing out /64s and others handing out /48s and /56s to households, it's difficult to tell a subnet from another IP.

Even still, this information is pretty useless. So what if you know my current subnet is 3a80? That won't help you get past the firewall.

[jiggawatts]

Clients use random IPv6 suffixes.