In IPv6, one of the most convenient features is SLAAC—Stateless Address Autoconfiguration. In this post, I will break down what SLAAC is, how it works, and when to use it
SLAAC stands for Stateless Address Autoconfiguration. It’s a method used in IPv6 that allows devices to automatically configure their own IP addresses without needing a DHCP server.
The term stateless means that the router doesn’t keep a record of the addresses it hands out. Devices generate their own addresses based on information from the network and their own unique identifiers. This is a hard concept to grasp if you have been in the IPV4 world like I have. I am used to seeing addresses in a DHCP leases output.
How Does SLAAC Work?
SLAAC relies on Router Advertisements (RA) sent by IPv6-enabled routers. Here’s how it works:
- Device Joins Network: When an IPv6-capable device connects to a network, it listens for Router Advertisement (RA) messages on the local segment (lan).
- Router Sends RA: The router broadcasts RA messages periodically or in response to Router Solicitation (RS) requests from devices. These RAs contain:
- The network’s prefix
- The default gateway address
- Flags indicating whether SLAAC or DHCPv6 should be used
- Device Generates Address: Using the prefix in the RA and either its MAC address or a randomly generated identifier, the device creates its own IPv6 address.
- Duplicate Address Detection (DAD): The device checks the network to ensure its new address is not already in use.
- Device Configures Itself: If the address is unique, the device assigns it to its interface and begins using it.
Let’s say a router sends an RA with the prefix 2001:db8:abcd::/64. A device might use SLAAC to configure itself with:
2001:db8:abcd::a4f3:29ff:fe7d:8921
This is generated by combining the prefix with a unique identifier based on the device’s MAC address or a randomized value.
SLAAC vs DHCPv6
| Feature | SLAAC | DHCPv6 |
|---|---|---|
| Address assignment | Device configures itself | Server assigns address |
| Server required | No | Yes |
| DNS info | Provided via RDNSS or DHCPv6 | Provided by DHCPv6 |
| Stateful | No | Yes |
You can also combine SLAAC with DHCPv6 to provide DNS information if your router doesn’t support the RDNSS (Recursive DNS Server) option in RA messages. I tend to prefer SLACC as it just works.
Privacy Considerations
By default, SLAAC can use the device’s MAC address to generate the interface ID, which might make tracking devices easier across networks. Modern systems typically support IPv6 Privacy Extensions, which randomize this part of the address to enhance user privacy.
Disabling SLAAC
In some enterprise or security-sensitive networks, administrators may disable SLAAC to maintain tighter control over IP assignments and auditing. This is usually done by adjusting RA flags on routers or switchport configurations
Want to dig deeper into IPv6? Stay tuned for upcoming posts on Router Advertisements, Privacy Extensions, and DHCPv6!
j2networks family of siteshttps://j2sw.com
https://startawisp.info
https://indycolo.net
#packetsdownrange #routethelight
Discover more from Justin Wilson (j2sw)
Subscribe to get the latest posts sent to your email.