You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

I want my Windows boxes to:

 

  • Use 'privacy' addresses for outgoing connections
  • Have a EUI64 address to listen for incoming connections
  • Not use any legacy tunneling protocols

This can be enabled permanently using the following batch script:

 

REM enables RFC 4941 privacy extensions (i.e. temporary address for outgoing connections)
netsh interface ipv6 set privacy state=enabled store=active
netsh interface ipv6 set privacy state=enabled store=persistent
 
REM Don't use random identifier. This will result in EUI64 based adddresses
netsh interface ipv6 set global randomizeidentifiers=disabled store=active
netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent

REM disable unused tunneling protocols
netsh interface ipv6 6to4 set state disabled
netsh interface ipv6 isatap set state disabled
netsh interface ipv6 set teredo disabled

The order of the two first blocks seems to matter. If you put the randomizeidentifiers block before the privacy block, then Windows will still use randomizeidentifiers...

 

 

Remove address

In case you want only manually configured address, but started out with EUI-64, you might need to remove some addresses manually:

netsh interface ipv6 delete address "Local Area Connection" 2001:610:148:babe:20c:29ff:fedb:af95

 

 

  • No labels