IPv6 Privacy Extensions: Why Your IPv6 Address Keeps Changing

Q: Why does my IPv6 address keep changing?

Because IPv6 privacy extensions generate a temporary address with a randomized host portion and rotate it periodically. Your device prefers the temporary address for outbound connections while usually keeping a stable address as well. The current standard is RFC 8981, and the rotation interval depends on your operating system, typically on the order of hours to a day.

Q: What are IPv6 privacy extensions?

They are a mechanism that gives your device short-lived IPv6 addresses with randomized host bits instead of one permanent address tied to your hardware. They were introduced in RFC 4941, now obsoleted by RFC 8981, to stop a stable address from acting as a long-term tracking identifier across networks.

Q: Did my IPv6 address leak my MAC address?

It could have on older systems. Early IPv6 autoconfiguration used EUI-64, which built the interface identifier directly from the network card MAC address, producing a stable tail that followed you between networks. EUI-64 is defined in RFC 4291. Modern systems avoid this by using temporary or stable-opaque addresses instead.

Q: Are IPv6 privacy extensions enabled by default?

On most modern operating systems, yes. Windows, macOS, iOS, and Android enable temporary IPv6 addresses by default, while Linux controls the behavior through the use_tempaddr setting. The exact defaults can vary by version and configuration, so it is worth checking your own device if it matters for your setup.

Q: Do privacy extensions hide my IP from websites?

No. Privacy extensions randomize the host portion of your IPv6 address, but the network prefix still identifies your connection and ISP, so the site you visit still sees an address that belongs to your network. They reduce long-term tracking across networks; to hide your IP from a website you need a VPN or proxy.

~/sheets/ipv6-privacy-extensions.md

Why Your IPv6 Address Is a Moving Target
IPv6 privacy extensions give your device a temporary IPv6 address with a randomized host portion that rotates over time, instead of one permanent address tied to your network card. They exist to fix a real privacy problem in how IPv6 originally assigned addresses. If you have noticed your IPv6 address is different from one day to the next while your IPv4 stays put, this is usually why.
You can expand and inspect any IPv6 address with our IPv6 Expander, and see the hardware identifier behind the old behavior with our MAC Address Tool.
Why Your IPv6 Address Changes
With privacy extensions, your device generates a temporary address using a randomized interface identifier and rotates it periodically. Outbound connections prefer the short-lived temporary address, while a stable address is usually kept at the same time so that services can still reach you. The current standard for this behavior is RFC 8981, "Temporary Address Extensions for SLAAC in IPv6." The rotation interval depends on the operating system and configuration, typically on the order of hours to a day, rather than a single fixed number.
The Old MAC Leak: SLAAC and EUI-64
Early IPv6 autoconfiguration (SLAAC) built the 64-bit interface identifier with a scheme called EUI-64, which derived those bits directly from the device's MAC address. Because a MAC address is fixed to the hardware, that produced a stable, globally unique tail that stayed the same as you moved between networks, effectively a tracking beacon baked into your address. EUI-64 is defined in RFC 4291, the IPv6 addressing architecture, and our MAC Address Tool shows exactly how an EUI-64 identifier is derived from a MAC.
The Fix: RFC 4941, Now RFC 8981
Temporary address extensions were first introduced in RFC 4941, which has since been obsoleted by RFC 8981. Together with random temporary addresses, a separate standard, RFC 7217, defines stable-but-opaque interface identifiers that stay consistent on a given network without ever encoding the MAC. The result is that modern IPv6 no longer needs to leak your hardware address, whether you use rotating temporary addresses or the stable-opaque approach.
Are They Enabled by Default?
Most modern operating systems, including Windows, macOS, iOS, and Android, enable temporary IPv6 addresses by default; on Linux the behavior is controlled by the use_tempaddr setting. One important nuance: privacy extensions randomize the host portion of your address, but the network prefix still identifies your connection and ISP, so they do not hide your IP from a website the way a VPN would. They reduce long-term cross-network tracking, not your visibility to the site you are connecting to.
Frequently Asked Questions
Why does my IPv6 address keep changing?
Because IPv6 privacy extensions generate a temporary address with a randomized host portion and rotate it periodically. Your device prefers the temporary address for outbound connections while usually keeping a stable address as well. The current standard is RFC 8981, and the rotation interval depends on your operating system, typically on the order of hours to a day.
What are IPv6 privacy extensions?
They are a mechanism that gives your device short-lived IPv6 addresses with randomized host bits instead of one permanent address tied to your hardware. They were introduced in RFC 4941, now obsoleted by RFC 8981, to stop a stable address from acting as a long-term tracking identifier across networks.
Did my IPv6 address leak my MAC address?
It could have on older systems. Early IPv6 autoconfiguration used EUI-64, which built the interface identifier directly from the network card MAC address, producing a stable tail that followed you between networks. EUI-64 is defined in RFC 4291. Modern systems avoid this by using temporary or stable-opaque addresses instead.
Are IPv6 privacy extensions enabled by default?
On most modern operating systems, yes. Windows, macOS, iOS, and Android enable temporary IPv6 addresses by default, while Linux controls the behavior through the use_tempaddr setting. The exact defaults can vary by version and configuration, so it is worth checking your own device if it matters for your setup.
Do privacy extensions hide my IP from websites?
No. Privacy extensions randomize the host portion of your IPv6 address, but the network prefix still identifies your connection and ISP, so the site you visit still sees an address that belongs to your network. They reduce long-term tracking across networks; to hide your IP from a website you need a VPN or proxy.
Last updated: April 2026