OS X: Disable IPv6 Address Privacy

by Scott Hebert

Mac OS X logo -rightFor those that are really into privacy, the Privacy Extensions defined in RFC 4941 are a really good thing. This extension circumvents SLAAC and has the result of randomizing your IPv6 address. Like I said, if privacy is a big deal for you, this is definitely something you want enabled. Fortunately for you, this feature is enabled by default in OS X.

Unfortunately, I ran into a situation recently where my ever-changing IPv6 address was causing a bit of a problem for debugging. My primary interface had more than half a dozen temporary IPv6 addresses assigned:

If you absolutely need to use a single address, then disabling the RFC 4941 privacy extensions is the answer. Open a Terminal window and run the following command:

$ sudo sysctl -w net.inet6.ip6.use_tempaddr=0

Don't forget to add that to /etc/sysctl.conf if you want the change to persist between reboots.

After that, bounce the interface you care about (probably en0) however you prefer (disable and re-enable Wi-Fi, perhaps) and you should notice that you no longer are being assigned temporary IPv6 addresses.

Remember that SLAAC uses your MAC address to generate your IPv6 address. In other words, your MAC address is encoded in everything you're doing. If you have concerns about your digital privacy, this is not for you!