I have both RA and DHCPv6 enabled (I understand DNS information is only passed over DHCPv6 to the clients?).
I have added a preferred ULA prefix in Global Network Options, but I have a problem.
While I do want ULA to be assigned over DHCP so that I can get a nice static address, I don't want GUA to be assigned over DHCPv6, because the suffix is static, not private like it is with SLAAC using RA, and it ends up being used as my public-facing IPv6 address.
Depends on the client but also on the router sending RA.
There has been a standard since 2018(?) to embed nameserver info in the RA, and all modern OSes I'm aware of understand that.
I'm not sure if the default config of odhcpv6 is sending this info because I'm using dnsmasq full or bird in other setups....
May I ask you about the issue of using GUA? I would consider myself privacy-concerned too, but I, or we, have much larger issues than a unique global address. Because in the end it's your ISP contract, and they know about the destination on the /56 anyway. In the end I get blamed, and it does not matter who on my network did something...
And I like the p2p connectivity, so I prefer the GUA.
On Linux you can modify the preference of source address selection. So your client would choose the ULA and your router needs to do, e.g., NPT.
I would like to get your feedback on whether it answers some of your questions and whether it helped you somehow.
Edit, PS: AFAIK only with e.g. bird can you install a filter on the routes which get used to craft the RA, i.e. which prefix is communicated to the client as a prefix to choose an address from.
Indeed it doesn't matter from the perspective of whether I'll get blamed for something that happens using this IP.
That's not what bothers me though, I don't want a specific device to always get the (public prefix)::54a address. I'd rather it gets the SLAAC address, which changes from time to time.
Also, I would prefer if it can be done on the router side to cover all devices; after all, if I wanted to do it on the endpoint side, I could set up the ULA static for each device.
I understand you. But you have it kind of upside down.
The decision to be more privacy-focused lies with the client.
I only know Linux and Android:
On Linux with e.g. Network-Manager or systemd-networkblubberdifoo you can choose to prefer privacy. So your client generates a random MAC and prefers these SLAAC addresses over DHCPv6. A client can even ignore DHCPv6 altogether. You can also configure your router to send better RA info about whether a client should or needs to request and bother the DHCPv6 server.
Android: it does not support DHCPv6 at all. I for myself choose to use the hardware MAC at home and the auto random MAC on all other Wi-Fi.
But again regarding RA and DHCPv6: If you do not need DHCPv6, then just set the RA flags accordingly.
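To see what a router is actually telling clients (the RA flags and the nameserver-in-RA option discussed in this thread), the following added example, which is not code from any poster, decodes the ICMPv6 payload of a Router Advertisement. The function names and the sample packet are assumptions made for illustration: the packet is constructed inline with a documentation prefix and a made-up ULA prefix.

```python
import ipaddress
import struct

def parse_ra(pkt: bytes) -> dict:
    """Decode an ICMPv6 Router Advertisement (RFC 4861), starting at the ICMPv6 header."""
    if len(pkt) < 16 or pkt[0] != 134:
        raise ValueError("not a Router Advertisement")
    flags = pkt[5]
    info = {"managed": bool(flags & 0x80),  # M: get addresses from DHCPv6
            "other": bool(flags & 0x40),    # O: get other config (e.g. DNS) from DHCPv6
            "prefixes": [], "rdnss": []}
    off = 16
    while off + 2 <= len(pkt):
        otype, olen = pkt[off], pkt[off + 1] * 8  # option length is in 8-octet units
        if olen == 0 or off + olen > len(pkt):
            raise ValueError("malformed option")
        body = pkt[off:off + olen]
        if otype == 3 and olen == 32:             # Prefix Information option
            addr = ipaddress.IPv6Address(body[16:32])
            net = ipaddress.IPv6Network(f"{addr}/{body[2]}", strict=False)
            info["prefixes"].append({"prefix": str(net),
                                     "on_link": bool(body[3] & 0x80),  # L flag
                                     "slaac": bool(body[3] & 0x40)})   # A flag
        elif otype == 25:                         # RDNSS option (RFC 8106)
            for i in range(8, olen - 15, 16):     # 8-byte header, then 16 bytes per server
                info["rdnss"].append(str(ipaddress.IPv6Address(body[i:i + 16])))
        off += olen
    return info

def build_sample_ra() -> bytes:
    """Constructed sample: M=0, O=1, a documentation GUA prefix, a ULA prefix, one RDNSS."""
    def pio(prefix: str, flags: int) -> bytes:
        net = ipaddress.IPv6Network(prefix)
        return struct.pack("!BBBBIII", 3, 4, net.prefixlen, flags, 86400, 14400, 0) \
            + net.network_address.packed
    hdr = struct.pack("!BBHBBHII", 134, 0, 0, 64, 0x40, 1800, 0, 0)  # checksum left at 0
    dns = ipaddress.IPv6Address("fd00:1234:5678::1").packed
    rdnss = struct.pack("!BBHI", 25, 3, 0, 1800) + dns
    return hdr + pio("2001:db8:1::/64", 0xC0) + pio("fd00:1234:5678::/64", 0xC0) + rdnss

if __name__ == "__main__":
    print(parse_ra(build_sample_ra()))
```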