NetworkManager.conf help

dariolli · February 1, 2026, 4:47am

Hi

It seems I learned documentation of NetworkManager.

And, can you please check whether i am doing right, because it is first time i ever change something like this.

Here is what i drafted

[main]
hostname-mode=none

[connection]
connection.stable-id="${RANDOM}" #is this correct?
ethernet.cloned-mac-address=random
wifi.cloned-mac-address=random
ipv4.dhcp-client-id=stable #maybe =mac?
ipv6.dhcp-duid=stable-uuid #maybe =random?
ipv6.addr-gen-mode=stable-privacy #maybe =random?
ipv6.ip6-privacy=2
ipv4.dhcp-send-hostname=false
ipv6.dhcp-send-hostname=false
connection.mdns=no
connection.llmnr=no
generate-mac-address-mask=FF:FF:FF:00:00:00  3C:28:6D:00:00:00

Other variants from varios forums (not sure about them)

ipv4.dhcp-client-id=stable-${RANDOM}
connection.stable-id=${CONNECTION}/${BOOT}/${RANDOM}

# Optional: force new random stable-id on every boot
connection.stable-id=${BOOT}


# MOST interesting -->
# Claimed as "MAC-based client-id/IAID" replacement of machine-id derived values
# MEANS identifiers change together with randomized MAC???
ipv4.dhcp-client-id=mac
ipv4.dhcp-iaid=mac
ipv6.dhcp-duid=ll

Last one should deceive networks that it is “real” MAC, not randomized since captive can demand real OUI and i don’t feel comfortable revealing my brand, let alone MAC

My idea to hide myself from public networks. I already enabled random MAC, but i see that machine-idused in DHCP ID, which can be used to track me. So i wonder if this config will help me WITHOUT constant rotation of machine-id.

Some guides in internet says i should put ipv4.dhcp-client-id=mac but won’t it kill all the purpose of hiding? Also, i didn’t test but some guides says that something like ipv4.dhcp-client-id=mac is mac that randomised by ethernet.cloned-mac-address=random / wifi.cloned-mac-address=random. But i am not sure. I will be very pleased if someone check

generate-mac-address-mask=FF:FF:FF:00:00:00 3C:28:6D:00:00:00 it is better than without. Without captive portal see random mac and can ban it. This spoofs like real one

OUI for it can be taken from list

I will be very pleased for review, critics and advices!

Many thanks in advance

jlehtone · February 1, 2026, 4:22pm

Verbatim same post can be found from at least five different Linux fora, all posted within 24 hours. That is practically spamming.

Surely you have a DHCP server of your own where you can check what data is actually created and passed by your config?

dariolli · February 1, 2026, 6:17pm

Hi

Yeah. I have OpenWRT router. Just cat /tmp/dhcp.leases should do the trick

But now i am on vacation, so i will be near that router after some time