macOS Sierra has changed IPv6 link-local addressing. Why/how?


The permanent ipv6 address of my machines changed with the advent of macOS Sierra.

Note that we're not talking about the privacy-enhanced temporary addresses. What I'm talking about happens even with "sysctl -w net.inet6.ip6.use_tempaddr=0" in effect.

The difference is that ifconfig shows a "secured" flag on the end of both the link-local and prefix-assigned addresses on Ethernet and WiFi interfaces. The host portion of the address differs from what the EUI-64 expansion of the host MAC address ostensibly would be. Additionally, the 0x2 bit of the top byte of the host portion is zero, which indicates that it's a "non-unique" address, though the addresses do seem to remain consistent across reboots.

My guess is that Apple is constructing the host portion of the link-local address by running the EUI-64 through a cryptographic hash function or something like that.

Is this new addition to Sierra documented anywhere? Can it be turned on or off?
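The comparison the question describes (does the host portion of an address match the modified EUI-64 of the MAC, and is the universal/local 0x02 bit set?) can be scripted. The following is an added example, not code from the question or answer; the MAC and both addresses are constructed samples, with the second address standing in for a Sierra-style "secured" one whose interface identifier is unrelated to the MAC.

```python
import ipaddress


def mac_to_modified_eui64(mac: str) -> bytes:
    """Expand a 48-bit MAC into the 64-bit modified EUI-64 interface identifier (RFC 4291, Appendix A)."""
    octets = bytes(int(part, 16) for part in mac.replace("-", ":").split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    # Insert 0xFFFE between the OUI and the device part, then flip the
    # universal/local bit (0x02) of the first octet.
    iid = bytearray(octets[:3] + b"\xff\xfe" + octets[3:])
    iid[0] ^= 0x02
    return bytes(iid)


def interface_id(addr: str) -> bytes:
    """Return the low 64 bits (the host / interface identifier) of an IPv6 address."""
    # Strip a zone index such as "%en0" that ifconfig appends to link-local addresses.
    packed = ipaddress.IPv6Address(addr.split("%")[0]).packed
    return packed[8:]


def classify(addr: str, mac: str) -> dict:
    """Report whether an address exposes the MAC and how its u/l bit is set."""
    iid = interface_id(addr)
    return {
        "mac_derived": iid == mac_to_modified_eui64(mac),   # host portion is the EUI-64 expansion
        "has_fffe": iid[3:5] == b"\xff\xfe",                # the tell-tale ff:fe in the middle
        "universal_bit": bool(iid[0] & 0x02),               # 0x02 bit of the top byte of the host portion
    }


if __name__ == "__main__":
    # Constructed sample values (not taken from a real host).
    MAC = "00:11:22:33:44:55"
    EUI64_ADDR = "fe80::211:22ff:fe33:4455%en0"    # classic EUI-64 derived link-local address
    SECURED_ADDR = "fe80::1c3a:9b2e:77d4:6f10%en0"  # stand-in for a Sierra "secured" address
    for label, addr in (("eui64", EUI64_ADDR), ("secured", SECURED_ADDR)):
        print(label, classify(addr, MAC))
```

Run it against the output of "ifconfig en0" on your own machine to see whether any address still leaks the interface MAC; a "secured" address should report mac_derived False and universal_bit False.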

Best Answer

There hasn't been any documentation made available for this feature (so no information on how the addresses are generated), which is indeed new in Sierra, nor can it be disabled. Apple announced this feature at WWDC 2016.

Essentially Apple is generating IPv6 addresses that are unrelated to the MAC address in order to prevent tracking of users based on MAC addresses assigned to Apple. The link-local address is generated once and does not change (since there's less privacy concern in local-only communication), whereas the non-temporary address will change when connecting to a new network.