IPv6: getting an address automagically

You can use static definitions to give a device or link an IP address. You can use modern (last 20 years) technology to do this for you – and get additional advantages.

A server application needs a fixed IP address and port. A client, connecting to the server, can use a different IP address and port on different days. This has the advantage that it makes it harder for the bad guys to track you from your address and port combination.

Client applications usually use the option “allocate me any free port”.

To get a different IP address every time you can use IPv6 Stateless Address Auto-configuration (SLAAC). It is called stateless because it does not need to remember any state information from one day to the next. The client application says “give me an IP address, any IP address” and then uses the IP address until the device is shut down or the interface is closed.

On Linux you need radvd for this to work.

Router Advertisement Daemon (radvd)

You used to have dedicated routers. Now you can run radvd on a computer and it acts like a router. You can run it on your personal machine, or run it on its own machine.

This supports Neighbor Discovery Protocol. When your machine connects to the network, it asks all routers on your local network for configuration information. It gets back a list of prefixes defined on the router (for example 2001:db8::/64). If your machine wants to send a packet to 2001:db8::99, it sends a request to all routers on the local network, asking if any router has 2001:db8::99 defined. If so, the router responds, and so your machine knows where to send the packet to.

When an IP address is allocated to a device, the device sends a request to all devices in the local network, asking “does anyone have this address”. This avoids two devices having the same IP address. It is known as Duplicate Address Detection (DAD).

My radvd config file

The syntax of the configuration file is defined here

For my interface vl100 I wanted it to give it an IP address 2100… and 2100…

interface vl100
{
    AdvSendAdvert on;
    MaxRtrAdvInterval 60;
    MinDelayBetweenRAs 3;

    prefix 2100::/64
    {
        AdvAutonomous on;
    };
    prefix 2200::/64
    {
    };
};

Where

  • AdvAutonomous on (the default) says the prefix can be used for SLAAC

Creates

: vl100@enp0s31f6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
    inet6 2200::3905:281e:909b:5e00/64 scope global temporary dynamic
       valid_lft 86398sec preferred_lft 14398sec
    inet6 2200::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
       valid_lft 86398sec preferred_lft 14398sec
    inet6 2100::3863:da22:619a:42e0/64 scope global temporary dynamic
       valid_lft 86398sec preferred_lft 14398sec
    inet6 2100::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
       valid_lft 86398sec preferred_lft 14398sec
    inet6 fe80::8e16:45ff:fe36:f48a/64 scope link
       valid_lft forever preferred_lft forever

See here for the meaning of the fields

The attributes of the connection include: scope global temporary dynamic

  • dynamic – the address was created by SLAAC (stateless) configuration. If the address was created by an ip -6 addr add … dev … command, it will not have dynamic.
  • tentative – the address is still in Duplicate Address Detection processing.
  • temporary – it expires after the time interval.
  • mngtmpaddr – it is used as a template for temporary connections.
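
An added example (not part of the original post): Python that parses the inet6 lines of the output above and reports which addresses carry a MAC-derived (modified EUI-64) interface ID, which is identical on every prefix and so defeats the "harder to track" goal, and which are temporary. The function names are my own, and the sample input is the output shown above, embedded as a string.

```python
import ipaddress
import re

# Constructed sample: the inet6 lines from the `ip -6 addr` output above.
SAMPLE = """\
inet6 2200::3905:281e:909b:5e00/64 scope global temporary dynamic
inet6 2200::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
inet6 2100::3863:da22:619a:42e0/64 scope global temporary dynamic
inet6 2100::8e16:45ff:fe36:f48a/64 scope global dynamic mngtmpaddr
inet6 fe80::8e16:45ff:fe36:f48a/64 scope link
"""

INET6 = re.compile(r"inet6\s+(\S+)/(\d+)\s+scope\s+(\S+)\s*(.*)")


def eui64_mac(addr):
    """Return the MAC embedded in a modified EUI-64 interface ID, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]        # low 64 bits
    if iid[3:5] != b"\xff\xfe":                         # EUI-64 filler bytes
        return None                                     # (heuristic: a random ID could match)
    mac = bytes([iid[0] ^ 0x02]) + iid[1:3] + iid[5:8]  # undo the U/L bit flip
    return ":".join(f"{b:02x}" for b in mac)


def classify(text):
    """Parse inet6 lines into dicts with scope, flags and any embedded MAC."""
    rows = []
    for line in text.splitlines():
        m = INET6.search(line)
        if m:
            addr, plen, scope, flags = m.groups()
            rows.append({"addr": addr, "prefixlen": int(plen), "scope": scope,
                         "flags": flags.split(), "mac": eui64_mac(addr)})
    return rows


def stable_global(rows):
    """Global addresses that carry the same MAC-derived interface ID."""
    return [r["addr"] for r in rows if r["scope"] == "global" and r["mac"]]


if __name__ == "__main__":
    for r in classify(SAMPLE):
        print(f'{r["addr"]:<28} {r["scope"]:<6} mac={r["mac"] or "-"} {r["flags"]}')
    print("stable across prefixes:", stable_global(classify(SAMPLE)))
```

On this output the two mngtmpaddr addresses share one interface ID on both prefixes, while the two temporary addresses have unrelated random IDs.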

You can change the attributes of an address using the change command. For example, to change the timeout value:

sudo ip -6 addr change 2200::… dev vl100 valid_lft 100 preferred_lft 10

For me it expired and generated another connection with the same address.
