This script checks that the IPv6 privacy extension are working properly and if there is a problem with getting a new IPv6 address this script restarts the network. I saw once in a while that the IPv6 privacy extension failed to get a new IPv6 address from the router and stopped working. Use this script in a schedule to check for working IPv6 privacy extension.
Bash script using IPv6 grep
#!/bin/bash
IPv6privacycheck=$(/sbin/ip -6 addr | grep inet6 | grep -v "::1" | grep -v "inet6 fe80" | grep -v "inet6 fd" | grep "scope global temporary dynamic")
if [ -z "$IPv6privacycheck" ]
then
systemctl restart networking
sleep 60
logger " IPv6 privacy extension failed, restarting network"
fi
exit 0
Bash script using IPv6 route command with token. If the IPv6 privacy extension stops working Linux start using the token for outgoing connection, this script checks if a token is being used for outbound connection and if it is then it restarts the network interface.
#!/bin/bash
SUFFIX="::71c6:b34f:8e2a:54f5"
__rfc5952_expand () {
read addr mask < <(IFS=/; echo $1)
quads=$(grep -oE "[a-fA-F0-9]{1,4}" <<< ${addr/\/*} | wc -l)
grep -qs ":$" <<< $addr && { addr="${addr}0000"; (( quads++ )); }
grep -qs "^:" <<< $addr && { addr="0000${addr}"; (( quads++ )); }
[ $quads -lt 8 ] && addr=${addr/::/:$(for (( i=1; i<=$(( 8 - quads )) ; i++ )); do printf "0000:"; done)}
addr=$(for quad in $(IFS=:; echo ${addr}); do printf "${delim}%04x" "0x${quad}"; delim=":"; done)
[ ! -z $mask ] && echo $addr/$mask || echo $addr
}
SUFFIX="$(__rfc5952_expand $SUFFIX)"
SUFFIX=${SUFFIX: -19}
OutboundIPv6=$(ip route get 2000:: | awk '{print $11}')
#OutboundIPv6=$(ip route get 2000:: | grep -Po -- 'src \K\S*')
OutboundIPv6="$(__rfc5952_expand $OutboundIPv6)"
OutboundIPv6=${OutboundIPv6: -19}
if [ $OutboundIPv6 == $SUFFIX ]; then
systemctl restart networking
sleep 60
logger " IPv6 token detected in outbound connection"
fi
exit 0
Let me know if you have any comments or if there is any error in this guide.