Three Entries in NDP for Some Devices? [ANSWERED]



  • In pfSense 2.4.4_1, looking at Diagnostics > NDP Table, most of my devices have two entries: one with its IPv6 address and another with its link local address. Some of them (currently two Windows 10 computers and one Android phone), though, have an additional entry. Its IPv6 address starts with the first four hextets of the device's IPv6 address (at least what's showing in the DHCPv6 Server), but the last four hextets are different. Can anyone tell me why? PfSense is the only thing handing out IP addresses on my network and I have no DMZ's, guest networks, or any other active interfaces besides WAN and LAN. It's a basic, simple, mostly Windows 10 workgroup-based home network.

    Unfortunately, I don't even have a name for what I'm seeing so I can't look it up.



  • @beremonavabi said in Three Entries in NDP for Some Devices?:

    Some of them (currently two Windows 10 computers and one Android phone), though, have an additional entry. Its IPv6 address starts with the first four hextets of the device's IPv6 address (at least what's showing in the DHCPv6 Server), but the last four hextets are different. Can anyone tell me why?

    Those are likely random privacy addresses. The idea is that by having an address tied to the hardware could cause privacy issues. So, these privacy addresses change daily and remain for a week, before being discarded. For incoming connections, to a server for example, you'd use the consistent address, which is often based on the MAC address, but could also be a random number.

    BTW, with SLAAC, pfSense does not hand out addresses. It only provides the prefix, with the device generating the lower 64 bits of the address.



  • That sounds like it's it. Thanks.



  • @beremonavabi said in Three Entries in NDP for Some Devices? [ANSWERED]:

    Unfortunately, I don't even have a name for what I'm seeing so I can't look it up.

    https://en.wikipedia.org/wiki/IPv6#SLAAC_privacy_extensions