| > Can you expand on the "All modern clients randomise the host part of the address" statement? Do they randomize this host part for every session or just once per network? In practice, most OSes generate a new address once per day, but more significantly, it is completely normal for an IPv6 host to have multiple addresses per interface at the same time. In fact, it is effectively mandatory to have at least two: First, you must have a link-local address (fe80::/10), which is non-routable. This is required for SLAAC and DHCPv6 to work. Second, if you want to talk to the rest of the internet, you need a routable address (from SLAAC or DHCPv6). In practice, it's even more than that: The computer I'm writing this on currently has 12 IPv6 addresses on one Ethernet interface. Besides the link-local address, it has a bunch of routable addresses on the prefix delegated by my ISP. All but one of the routable addresses are "deprecated", which means that they won't be used for new outgoing connections, but remain active for existing connections. So not only do you get a new randomized address every 24 hours, you may have an arbitrary number of randomized addresses active at any given time. There's nothing stopping a privacy-focused Linux distro from generating a new address for every outgoing connection, and having them all active at once. |
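
Added example (not part of the comment above): Python that parses `ip -6 addr show` style output and sorts each address into the roles the comment describes, then shows that all routable addresses of the host share one prefix. The sample text, the function names and the 2001:db8:: documentation addresses are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample in the layout of iproute2's `ip -6 addr show dev eth0`.
# 2001:db8::/32 is the documentation prefix, not a real ISP delegation.
SAMPLE = """\
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2001:db8:1:2:5c1f:9a3e:77d0:4b12/64 scope global temporary dynamic
       valid_lft 86000sec preferred_lft 14000sec
    inet6 2001:db8:1:2:e4a1:33ff:c9d:8a70/64 scope global temporary deprecated dynamic
       valid_lft 43000sec preferred_lft 0sec
    inet6 2001:db8:1:2:a00:27ff:fe4e:66a1/64 scope global dynamic mngtmpaddr
       valid_lft 86000sec preferred_lft 14000sec
    inet6 fe80::a00:27ff:fe4e:66a1/64 scope link
       valid_lft forever preferred_lft forever
"""

INET6 = re.compile(r"^\s*inet6\s+(\S+)\s+scope\s+(\S+)(.*)$")

def classify(text):
    """Return one dict per inet6 line: address, containing network, role."""
    rows = []
    for line in text.splitlines():
        m = INET6.match(line)
        if not m:
            continue  # interface header and lifetime lines
        iface = ipaddress.IPv6Interface(m.group(1))
        flags = set(m.group(3).split())
        if iface.ip.is_link_local:
            role = "link-local"      # fe80::/10, non-routable
        elif "deprecated" in flags:
            role = "deprecated"      # existing connections only
        elif "temporary" in flags:
            role = "temporary"       # randomised, used for new connections
        else:
            role = "stable"
        rows.append({"addr": str(iface.ip), "net": str(iface.network), "role": role})
    return rows

def routable_prefixes(rows):
    """Prefixes covering every non-link-local address of the host."""
    return {r["net"] for r in rows if r["role"] != "link-local"}

if __name__ == "__main__":
    for row in classify(SAMPLE):
        print(f'{row["role"]:<11} {row["addr"]}')
    print("routable prefixes:", routable_prefixes(classify(SAMPLE)))
```

For log correlation or allow-listing, the prefix returned by `routable_prefixes` stays constant while the individual addresses rotate.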