I want my Windows boxes to:
- Use 'privacy' addresses for outgoing connections
- Have a EUI64 address to listen for incoming connections
- Not use any legacy tunneling protocols
This can be enabled permanently using the following batch script:
REM enables RFC 4941 privacy extensions (i.e. temporary address for outgoing connections) netsh interface ipv6 set privacy state=enabled store=active netsh interface ipv6 set privacy state=enabled store=persistent REM Don't use random identifier. This will result in EUI64 based adddresses netsh interface ipv6 set global randomizeidentifiers=disabled store=active netsh interface ipv6 set global randomizeidentifiers=disabled store=persistent REM disable unused tunneling protocols netsh interface ipv6 6to4 set state disabled netsh interface ipv6 isatap set state disabled netsh interface ipv6 set teredo disabled
The order of the two first blocks seems to matter. If you put the randomizeidentifiers block before the privacy block, then Windows will still use randomizeidentifiers...