NetworkManager in bookworm 64 defaults to "stable-privacy" rather than "eui64" for ipv6.addr-gen-mode.
The documentation for network boot includes adding "ip=dhcp" to /boot/firmware/cmdline.txt. That alone is enough to cause the IPv6 address to be based on the Ethernet MAC. I think the kernel generates an address much earlier in the boot, and then NetworkManager lives with it.
There may be a way to avoid this, especially if you are not using IPv6 for the actual boot. It is not a security risk; it is a possible privacy concern.
The documentation for network boot includes adding "ip=dhcp" to /boot/firmware/cmdline.txt. That alone is enough to cause the IPv6 address to be based on the Ethernet MAC. I think the kernel generates an address much earlier in the boot, and then NetworkManager lives with it.
There may be a way to avoid this, especially if you are not using IPv6 for the actual boot. It is not a security risk; it is a possible privacy concern.
Statistics: Posted by jojopi — Thu Mar 06, 2025 11:40 am