Question re session hijacking in dual stack environments w/MacOS
merlyn at geeks.org
Fri Oct 2 05:46:47 UTC 2015
On Tue, Sep 29, 2015 at 09:23:59AM +0200, Mark Tinka wrote:
> On 26/Sep/15 16:34, David Hubbard wrote:
> > Has anyone run into this? Our users on other platforms don't seem to
> > have this issue; linux and MS desktops seem to just use v6 if it's
> > available and v4 if not.
> I have been tracking down an issue for months where SSH'ing to some
> devices (which picks IPv6 by default) from my Mac while in the office
> drops the connection, forcing me to reconnect. It's random; sometimes it
> happens a lot, sometimes, rarely, other times not at all.
I suspect this is OSX implementing IPv6 Privacy Extensions. Where OSX
generates a new random IPv6 address, applies it to the interface, and then
drops the old IPv6 addresses as they stale out. Sessions in use or not.
sudo sysctl -w net.inet6.ip6.use_tempaddr=0
sudo sh -c 'echo net.inet6.ip6.use_tempaddr=0 >> /etc/sysctl.conf'
More information about the NANOG