/dev/urandom should be a random device, which should look evenly random, and in a uniformly random sequence, you expect to find duplicate patterns. However, since 2,128 possible 16-byte sequences are possible, this should happen with a probability of 2 -128 which is vanishingly small.
However, /dev/urandom , as you know, is not cryptographically secure, and there may be attacks that are not included in open literature to make behavior degenerate (perhaps some government agency knows how to do this, for example). On the man page:
Reading from / dev / urandom will not block the expectation of more entropy. As a result, if the entropy pool is not enough entropy, the return values ββare theoretically vulnerable to a cryptographic attack on the algorithms used by the driver. Knowledge of how to do this is not available in the current unclassified literature , but it is theoretically possible that such an attack may exist. If this is related to your application, use / dev / random instead.
(My emphasis) Therefore, I would not rely on this if you are trying to use cryptographic security.
In short, if you just want random values, this is probably good. If you want to use cryptographic protection, I would not recommend doing this.
Hope this helps!