Stateless autoconfiguration of IPv6 addresses in Windows 7 (and also Windows Vista) uses, by default, randomization. This is against section 4 of RFC 2464 that mandates that the network identifier part of the IPv6 address is derived from the 48-bit MAC address for Ethernet (and Wireless) interfaces:
4. Stateless Autoconfiguration
The Interface Identifier [AARCH] for an Ethernet interface is based on the EUI-64 identifier [EUI64] derived from the interface’s built-in 48-bit IEEE 802 address. The EUI-64 is formed as follows. (Canonical bit order is assumed throughout.)
The OUI of the Ethernet address (the first three octets) becomes the company_id of the EUI-64 (the first three octets). The fourth and fifth octets of the EUI are set to the fixed value FFFE hexadecimal. The last three octets of the Ethernet address become the last three octets of the EUI-64.
The Interface Identifier is then formed from the EUI-64 by complementing the “Universal/Local” (U/L) bit, which is the next-to-lowest order bit of the first octet of the EUI-64. Complementing this bit will generally change a 0 value to a 1, since an interface’s built-in address is expected to be from a universally administered address space and hence have a globally unique value. A universally administered IEEE 802 address or an EUI-64 is signified by a 0 in the U/L bit position, while a globally unique IPv6 Interface Identifier is signified by a 1 in the corresponding position. For further discussion on this point, see [AARCH].
For example, the Interface Identifier for an Ethernet interface whose built-in address is, in hexadecimal,
A different MAC address set manually or by software should not be used to derive the Interface Identifier. If such a MAC address must be used, its global uniqueness property should be reflected in the value of the U/L bit.
An IPv6 address prefix used for stateless autoconfiguration [ACONF] of an Ethernet interface must have a length of 64 bits.
The fact that Windows 7 doesn’t seem to adhere to this by default might create interoperability problems in networks where section 4 of RFC 2464 is assumed to be true. Linux, *BSD and Solaris map adhere to RFC 2464 by default, and hence many administrators statically create DNS AAAA RRs for such hosts. However, randomization in Windows makes this unfeasible.
A workaround consists of running the following command, with administrator privileges:
netsh interface ipv6 set global randomizeidentifiers=disabled
I’ve sent feedback to Microsoft asking if this is deliberate and why this decision was made in the first place. (Not sure if they will ever reply, though).
Do any of you have any insight on this?