diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf
index dfdf08fcbf2..9151da487ae 100644
--- a/etc/defaults/rc.conf
+++ b/etc/defaults/rc.conf
@@ -210,6 +210,7 @@ cloned_interfaces=""		# List of cloned network interfaces to create.
 ifconfig_lo0="inet 127.0.0.1"	# default loopback device configuration.
 #ifconfig_lo0_alias0="inet 127.0.0.254 netmask 0xffffffff" # Sample alias entry.
 #ifconfig_ed0_ipx="ipx 0x00010010"	# Sample IPX address family entry.
+#ifconfig_ed0_ipv6="RTADV" 	# Sample IPv6 entry for RA/rtsol(8)
 #ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64" # Sample IPv6 addr entry
 #ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64" # Sample IPv6 alias
 #ifconfig_fxp0_name="net0"	# Change interface name from fxp0 to net0.
@@ -439,8 +440,9 @@ rfcomm_pppd_server_two_channel="3"	# Override local channel for 'two'
 icmp_bmcastecho="NO"	# respond to broadcast ping packets
 
 ### IPv6 options: ###
-ipv6_network_interfaces="none"	# List of IPv6 network interfaces
-				# (or "auto" or "none").
+ipv6_network_interfaces="AUTO"	# List of IPv6 network interfaces
+ipv6_prefer="YES" 		# Use IPv6 when both IPv4 and IPv6 can be used
+ipv6_privacy="NO" 		# Use privacy addresses with RTADV (RFC 4193)
 ipv6_defaultrouter="NO"		# Set to IPv6 default gateway (or NO).
 #ipv6_defaultrouter="2002:c058:6301::"	# Use this for 6to4 (RFC 3068)
 ipv6_static_routes=""		# Set to static route list (or leave empty).
@@ -499,7 +501,6 @@ ipv6_ipfilter_rules="/etc/ipf6.rules"	# rules definition file for ipfilter,
 					# for examples
 ip6addrctl_enable="YES"	# Set to YES to enable default address selection
 ip6addrctl_verbose="NO"	# Set to YES to enable verbose configuration messages
-ipv6_prefer="NO"	# Use IPv6 when both IPv4 and IPv6 can be used
 
 ##############################################################
 ###  System console options  #################################
diff --git a/etc/network.subr b/etc/network.subr
index fbf3ff9022d..52c99db431c 100644
--- a/etc/network.subr
+++ b/etc/network.subr
@@ -96,44 +96,32 @@ ifconfig_up()
 	# inet6 specific
 	if afexists inet6; then
 		if ipv6if $1; then
-			if checkyesno ipv6_gateway_enable; then
-				_ipv6_opts="-accept_rtadv"
+			# Implicitly handles ipv6_gateway_enable
+			_ipv6_opts='-ifdisabled -accept_rtadv'
+
+			if ipv6_autoconfif $1; then
+				_ipv6_opts='-ifdisabled accept_rtadv'
+			fi
+
+			ifconfig $1 inet6 $_ipv6_opts
+
+			# ifconfig_IF_ipv6
+			ifconfig_args=`ifconfig_getargs $1 ipv6`
+
+			if [ -n "$ifconfig_args" ]; then
+				ifconfig $1 $ifconfig_args
+				_cfg=0
 			fi
 		else
-			if checkyesno ipv6_prefer; then
-				_ipv6_opts="-ifdisabled"
-			else
-				_ipv6_opts="ifdisabled"
-			fi
-
-			# backward compatibility: $ipv6_enable
-			case $ipv6_enable in
-			[Yy][Ee][Ss])
-				_ipv6_opts="${_ipv6_opts} accept_rtadv"
+		# Remove in FreeBSD 10.x
+		# Explicit test is necessary here to avoid nonexistence error
+			case "$ipv6_enable" in
+			[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+			warn "Interface $1 will NOT be configured for IPv6"
 				;;
 			esac
-		fi
 
-		if [ -n "${_ipv6_opts}" ]; then
-			ifconfig $1 inet6 ${_ipv6_opts}
-		fi
-
-		# ifconfig_IF_ipv6
-		ifconfig_args=`ifconfig_getargs $1 ipv6`
-		if [ -n "${ifconfig_args}" ]; then
-			ifconfig $1 inet6 -ifdisabled
-			ifconfig $1 ${ifconfig_args}
-			_cfg=0
-		fi
-
-		# backward compatiblity: $ipv6_ifconfig_IF
-		ifconfig_args=`get_if_var $1 ipv6_ifconfig_IF`
-		if [ -n "${ifconfig_args}" ]; then
-			warn "\$ipv6_ifconfig_$1 is obsolete." \
-			    "  Use ifconfig_$1_ipv6 instead."
-			ifconfig $1 inet6 -ifdisabled
-			ifconfig $1 inet6 ${ifconfig_args}
-			_cfg=0
+			ifconfig $1 inet6 ifdisabled
 		fi
 	fi
 
@@ -194,7 +182,7 @@ ifconfig_down()
 #	$default if given.
 get_if_var()
 {
-	local _if _punct _var _default prefix suffix
+	local _if _punct _punct_c _var _default prefix suffix
 
 	if [ $# -ne 2 -a $# -ne 3 ]; then
 		err 3 'USAGE: get_if_var name var [default]'
@@ -219,7 +207,7 @@ get_if_var()
 #	outside this file.
 _ifconfig_getargs()
 {
-	local _ifn _af
+	local _ifn _af value
 	_ifn=$1
 	_af=${2+_$2}
 
@@ -227,7 +215,18 @@ _ifconfig_getargs()
 		return 1
 	fi
 
-	get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT"
+	value=`get_if_var $_ifn ifconfig_IF$_af "$ifconfig_DEFAULT"`
+
+	# Remove in FreeBSD 10.x
+	if [ "$_af" = _ipv6 -a -z "$value" ]; then
+		value=`get_if_var $_ifn ipv6_ifconfig_IF "$ifconfig_DEFAULT"`
+		if [ -n "$value" ]; then
+			warn "\$ipv6_ifconfig_$1 is obsolete." \
+			"  Use ifconfig_$1_ipv6 instead."
+		fi
+	fi
+
+	echo $value
 }
 
 # ifconfig_getargs if [af]
@@ -249,6 +248,8 @@ ifconfig_getargs()
 		[Nn][Oo][Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;;
 		[Ss][Yy][Nn][Cc][Dd][Hh][Cc][Pp]) ;;
 		[Ww][Pp][Aa]) ;;
+		[Rr][Tt][Aa][Dd][Vv]) ;;
+		[Nn][Oo][Rr][Tt][Aa][Dd][Vv]) ;;
 		*)
 			_args="$_args $_arg"
 			;;
@@ -372,77 +373,45 @@ afexists()
 	esac
 }
 
-# noafif if
-#	Returns 0 if the interface has no af configuration and 1 otherwise.
-noafif()
-{
-	local _if
-	_if=$1
-
-	case $_if in
-	pflog[0-9]*|\
-	pfsync[0-9]*|\
-	an[0-9]*|\
-	ath[0-9]*|\
-	ipw[0-9]*|\
-	iwi[0-9]*|\
-	iwn[0-9]*|\
-	ral[0-9]*|\
-	wi[0-9]*|\
-	wl[0-9]*|\
-	wpi[0-9]*)
-		return 0
-		;;
-	esac
-
-	return 1
-}
-
 # ipv6if if
 #	Returns 0 if the interface should be configured for IPv6 and
 #	1 otherwise.
 ipv6if()
 {
-	local _if _tmpargs i
-	_if=$1
-
 	if ! afexists inet6; then
 		return 1
 	fi
 
 	# lo0 is always IPv6-enabled
-	case $_if in
+	case $1 in
 	lo0)
 		return 0
 		;;
 	esac
 
-	# True if $ifconfig_IF_ipv6 is defined.
-	_tmpargs=`_ifconfig_getargs $_if ipv6`
-	if [ -n "${_tmpargs}" ]; then
-		return 0
-	fi
+	local _if _tmpargs i
+	_if=$1
 
-	# backward compatibility: True if $ipv6_ifconfig_IF is defined.
-	_tmpargs=`get_if_var $_if ipv6_ifconfig_IF`
-	if [ -n "${_tmpargs}" ]; then
-		return 0
-	fi
-
-	case "${ipv6_network_interfaces}" in
-	[Aa][Uu][Tt][Oo])
-		return 0
-		;;
+	case "$ipv6_network_interfaces" in
 	''|[Nn][Oo][Nn][Ee])
 		return 1
 		;;
+	$_if|"$_if "*|*" $_if"|*" $_if "*|[Aa][Uu][Tt][Oo])
+		# True if $ifconfig_IF_ipv6 is defined.
+		_tmpargs=`_ifconfig_getargs $_if ipv6`
+		;;
 	esac
 
-	for i in ${ipv6_network_interfaces}; do
-		if [ "$i" = "$_if" ]; then
-			return 0
-		fi
-	done
+	if [ -n "$_tmpargs" ]; then
+		# Remove in FreeBSD 10.x
+		# Explicit test is necessary here to avoid nonexistence error
+		case "$ipv6_enable" in
+		[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+			;;
+		*)	return 0
+			;;
+		esac
+	fi
 
 	return 1
 }
@@ -452,24 +421,7 @@ ipv6if()
 #	Stateless Address Configuration, 1 otherwise.
 ipv6_autoconfif()
 {
-	local _if _tmpargs _arg
-	_if=$1
-
-	if ! ipv6if $_if; then
-		return 1
-	fi
-	if noafif $_if; then
-		return 1
-	fi
-	if checkyesno ipv6_gateway_enable; then
-		return 1
-	fi
-	_tmpargs=`get_if_var $_if ipv6_prefix_IF`
-	if [ -n "${_tmpargs}" ]; then
-		return 1
-	fi
-
-	case $_if in
+	case $1 in
 	lo0|\
 	stf[0-9]*|\
 	faith[0-9]*|\
@@ -481,32 +433,37 @@ ipv6_autoconfif()
 		;;
 	esac
 
-	# backward compatibility: $ipv6_enable
-	case $ipv6_enable in
-	[Yy][Ee][Ss])
+	local _if _tmpargs _arg
+	_if=$1
+
+	if ! ipv6if $_if; then
+		return 1
+	fi
+	if checkyesno ipv6_gateway_enable; then
+		return 1
+	fi
+	_tmpargs=`get_if_var $_if ipv6_prefix_IF`
+	if [ -n "${_tmpargs}" ]; then
+		return 1
+	fi
+	if ! is_wired_interface $_if; then
+		case $_if in
+		wlan[0-9]*)	;;	# Allow test to continue
+		*)	return 1
+			;;
+		esac
+	fi
+
+	_tmpargs=`_ifconfig_getargs $_if ipv6`
+	case "$_tmpargs" in
+	*inet6\ *|*[Nn][Oo][Rr][Tt][Aa][Dd][Vv]*|*-accept_rtadv*)
+		return 1
+		;;
+	*[Rr][Tt][Aa][Dd][Vv]*|*accept_rtadv*)
 		return 0
 		;;
 	esac
 
-	_tmpargs=`_ifconfig_getargs $_if ipv6`
-	for _arg in $_tmpargs; do
-		case $_arg in
-		accept_rtadv)
-			return 0
-			;;
-		esac
-	done
-
-	# backward compatibility: $ipv6_ifconfig_IF
-	_tmpargs=`get_if_var $_if ipv6_ifconfig_IF`
-	for _arg in $_tmpargs; do
-		case $_arg in
-		accept_rtadv)
-			return 0
-			;;
-		esac
-	done
-
 	return 1
 }
 
diff --git a/etc/rc.d/ip6addrctl b/etc/rc.d/ip6addrctl
index d3b18561795..3963b071c73 100755
--- a/etc/rc.d/ip6addrctl
+++ b/etc/rc.d/ip6addrctl
@@ -20,8 +20,6 @@ status_cmd="ip6addrctl"
 prefer_ipv6_cmd="ip6addrctl_prefer_ipv6"
 prefer_ipv4_cmd="ip6addrctl_prefer_ipv4"
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
-
 ip6addrctl_prefer_ipv6()
 {
 	afexists inet6 || return 0
diff --git a/etc/rc.d/netif b/etc/rc.d/netif
index f982cfce647..06b8e76cfa9 100755
--- a/etc/rc.d/netif
+++ b/etc/rc.d/netif
@@ -34,6 +34,7 @@
 . /etc/network.subr
 
 name="network"
+start_precmd="network_prestart"
 start_cmd="network_start"
 stop_cmd="network_stop"
 cloneup_cmd="clone_up"
@@ -41,7 +42,13 @@ clonedown_cmd="clone_down"
 extra_commands="cloneup clonedown"
 cmdifn=
 
-set_rcvar_obsolete ipv6_enable ipv6_prefer
+network_prestart()
+{
+	if [ -n "$ipv6_enable" ]; then
+		warn 'The ipv6_enable option is deprecated.'
+		warn 'See rc.conf(5) for information on disabling IPv6.'
+	fi
+}
 
 network_start()
 {
diff --git a/etc/rc.d/netoptions b/etc/rc.d/netoptions
index 46313045679..433ce82f8a7 100755
--- a/etc/rc.d/netoptions
+++ b/etc/rc.d/netoptions
@@ -99,6 +99,13 @@ netoptions_inet6()
 	else
 		${SYSCTL_W} net.inet6.ip6.v6only=1 >/dev/null
 	fi
+
+	if checkyesno ipv6_privacy; then
+		netoptions_init
+		echo -n " IPv6 Privacy Addresses"
+		${SYSCTL_W} net.inet6.ip6.use_tempaddr=1 >/dev/null
+		${SYSCTL_W} net.inet6.ip6.prefer_tempaddr=1 >/dev/null
+	fi
 }
 
 load_rc_config $name
diff --git a/share/man/man5/rc.conf.5 b/share/man/man5/rc.conf.5
index ec3f2922b70..59e338b010f 100644
--- a/share/man/man5/rc.conf.5
+++ b/share/man/man5/rc.conf.5
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 05, 2010
+.Dd April 8, 2010
 .Dt RC.CONF 5
 .Os
 .Sh NAME
@@ -1292,26 +1292,79 @@ It is also possible to rename an interface by doing:
 ifconfig_ed0_name="net0"
 ifconfig_net0="inet 192.0.2.1 netmask 0xffffff00"
 .Ed
+.\" Remove in FreeBSD 10.x
 .It Va ipv6_enable
 .Pq Vt bool
-If the variable is
-.Dq Li YES ,
-.Dq Li inet6 accept_rtadv
-is added to all of
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-and the
-.Va ipv6_prefer
-is defined as
-.Dq Li YES .
 .Pp
-This variable is deprecated.  Use
-.Va ipv6_prefer
-and
+This option is deprecated.
+.Pp
+If the variable is
+.Dq Li YES
+it has no effect.
+To configure IPv6 for an interface see
+.Va ipv6_network_interfaces
+below.
+.Pp
+If the variable is
+.Dq Li NO
+then other than
+.Dq Li lo0
+IPv6 will be disabled for each interface,
+however the same effect can be achieved by
+not configuring the interface.
+.It Va ipv6_network_interfaces
+.Pq Vt str
+This is the IPv6 equivalent of
+.Va network_interfaces .
+Normally configuration of this variable is not needed,
+the value should be left as
+.Dq Li AUTO .
+.Pp
+If
+.Dq Li INET6
+is configured in the kernel configuration for the
+.Dq Li lo0
+interface will always be performed.
+It is not necessary to list it in
+.Va ipv6_network_interfaces .
+.Pp
+Example configuration to accept Router Advertisements (RA) for the
+.Dq Li ed0
+interface:
+.Bd -literal
+ifconfig_ed0_ipv6="RTADV"
+.Ed
+.Pp
+To disable RA the
+.Dq Li NORTADV
+option is available, although not required if manual
+configuration is performed as described below.
+.Pp
+An IPv6 interface can be configured manually with
 .Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 .
+For example:
+.Bd -literal
+ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64"
+.Ed
+.Pp
+Manual configuration of an IPv6 address will also
+require configuration of the
+.Va ipv6_defaultrouter
+option.
+.Pp
+Aliases should be set by
+.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
+with the
+.Dq Li inet6
+keyword.
+For example:
+.Pp
+.Bd -literal
+ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64"
+.Ed
+.Pp
 .It Va ipv6_prefer
 .Pq Vt bool
-This variable does the following:
-.Pp
 If the variable is
 .Dq Li YES ,
 the default policy of the source address selection set by
@@ -1322,49 +1375,15 @@ If the variable is
 .Dq Li NO ,
 the default policy of the source address selection set by
 .Xr ip6addrctl 8
-will be IPv4-preferred, and all of interfaces which does not have the
-corrsponding
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-variable will be marked as
-.Dq Li IFDISABLED .
-This means only IPv6 functionality on that interface is completely
-disabled.  For more details of
-.Dq Li IFDISABLED
-flag and keywords
-.Dq Li inet6 ifdisabled ,
-see
-.Xr ifconfig 8 .
+will be IPv4-preferred.
 .Pp
-.It Va ipv6_network_interfaces
-.Pq Vt str
-This is the IPv6 equivalent of
-.Va network_interfaces .
-Normally manual configuration of this variable is not needed.
+.It Va ipv6_privacy
+.Pq Vt bool
+If the variable is
+.Dq Li YES
+privacy addresses will be generated for each IPv6
+interface as described in RFC 4193.
 .Pp
-IPv6 functionality on an interface should be configured by
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6 ,
-instead of setting ifconfig parameters in
-.Va ifconfig_ Ns Aq Ar interface .
-Aliases should be set by
-.Va ifconfig_ Ns Ao Ar interface Ac Ns Va _alias Ns Aq Ar n
-with
-.Dq Li inet6
-keyword.  For example:
-.Bd -literal
-ifconfig_ed0_ipv6="inet6 2001:db8:1::1 prefixlen 64"
-ifconfig_ed0_alias0="inet6 2001:db8:2::1 prefixlen 64"
-.Ed
-.Pp
-Interfaces that have an
-.Dq Li inet6 accept_rtadv
-keyword in
-.Va ifconfig_ Ns Ao Ar interface Ac Ns _ipv6
-setting will be automatically configured by
-.Xr rtsol 8 .
-Note that this automatic configuration is disabled if the
-.Va ipv6_gateway_enable
-is set to
-.Dq Li YES .
 .It Va ipv6_prefix_ Ns Aq Ar interface
 .Pq Vt str
 If one or more prefixes are defined in