Why do modern operating systems use a randomly generated Interface ID instead of EUI-64?
For privacy: EUI-64 embeds the device's MAC address in the IID, so a random 64-bit IID stops the address from leaking the hardware identity and being tracked across networks.
EUI-64 builds the 64-bit Interface ID (IID) directly from the interface's MAC address. Because a MAC stays the same wherever the device goes, an EUI-64 address effectively tags the device with a permanent fingerprint — an observer can recognise the same laptop on a coffee-shop Wi-Fi and at the office. A randomly generated IID is just a 64-bit random number with no link to the hardware, so it breaks that correlation while still giving the host a unique address.
Where each is used:
| Method | How the IID is formed | Typical default |
|---|---|---|
| EUI-64 | Derived from the 48-bit MAC address | Cisco routers |
| Random | 64-bit random number | Windows (since Vista), modern Linux/macOS |
Gotcha: the prefix (e.g. 2001:db8:acad:1::/64) still comes from the Router Advertisement either way — only the IID portion changes. Some OSes also rotate the random IID periodically (RFC 8981 temporary addresses) for outbound connections, so privacy improves further over time.
Go deeper:
RFC 8981 — Temporary Address Extensions for SLAAC — the "privacy addresses" mechanism: randomised, periodically-rotated interface IDs that break address-based tracking.
MAC address — tracking & EUI-64 (Wikipedia) — why a MAC-derived IID is a permanent device fingerprint.