> SLAAC seems to introduce insane churn in the IPv6 of end user devices.
By "insane churn" do you mean "devices generate and allocate new IP addresses for themselves periodically (maybe daily, maybe more frequently)"? If you do, then that's not SLAAC, that's the head-assed thing sometimes known as "IPv6 Privacy Addresses". From what I've seen on Windows, OSX, and Linux, this makes it so that there's one IP that remains constant, and a parade of addresses that get assigned as time marches on. You can disable it on Windows, OSX, and Linux, and I would recommend doing so.
> SLAAC (vs DHCPv6) seems to struggle in fully configuring an end user device (think DNS servers etc.
Yeah, if you're interested in only using SLAAC, then the best you can do is set the `RDNSS` option [0] in your Router Advertisements and pray that the network configurator in the OS you're using has bothered to pay attention to it.
[0] <https://www.rfc-editor.org/rfc/rfc8106#section-5.1> (Do note that despite the date on this RFC, this option was first specified in 2007, and first specified in a non-experimental RFC in 2010... so, it's not like it's new.)
Always learning something, RDNSS - cool. It always felt silly to have this whole system, and STILL need DHCP to do basic stuff. Glad to hear the ipv6 purists CAN avoid the DHCP server. Practically I think it's here to stay for a bit.
I think privacy extensions are unavoidable - they default on in many places. So I'm leaving them. Some devices actually rotate more often (ie, when connecting to different wifi points even if underlying network is the same, apple seems to generate another new IP). But compared to ipv4 (where you can almost immediately trace from an IP you have in a log to device) -> you need more support in your tooling to do that with IPv6 and privacy extensions.
> But compared to ipv4 (where you can almost immediately trace from an IP you have in a log to device...
Honestly, given that the vast majority of the sites that use v6 "privacy addresses" are going to be end-users at their home, and that most of those folks are going to be either using web browsers, and/or already logged into the servers that are servicing their requests, there are so very, _very_ many powerful ways that folks can be tracked that have absolutely nothing to do with their IP address.
"Privacy addresses" are just a nuisance.
> Some devices actually rotate more often (ie, when connecting to different wifi points even if underlying network is the same, apple seems to generate another new IP).
I'm not sure _exactly_ the setup you're talking about. If "connecting to different wifi points" means "disconnecting from one SSID and connecting to another SSID but still being on the same physical network", then I think that this is OSX randomizing your MAC address and/or OSX generating a new DUID when connecting to a different SSID.
By "insane churn" do you mean "devices generate and allocate new IP addresses for themselves periodically (maybe daily, maybe more frequently)"? If you do, then that's not SLAAC, that's the head-assed thing sometimes known as "IPv6 Privacy Addresses". From what I've seen on Windows, OSX, and Linux, this makes it so that there's one IP that remains constant, and a parade of addresses that get assigned as time marches on. You can disable it on Windows, OSX, and Linux, and I would recommend doing so.
> SLAAC (vs DHCPv6) seems to struggle in fully configuring an end user device (think DNS servers etc.
Yeah, if you're interested in only using SLAAC, then the best you can do is set the `RDNSS` option [0] in your Router Advertisements and pray that the network configurator in the OS you're using has bothered to pay attention to it.
[0] <https://www.rfc-editor.org/rfc/rfc8106#section-5.1> (Do note that despite the date on this RFC, this option was first specified in 2007, and first specified in a non-experimental RFC in 2010... so, it's not like it's new.)