|
Best Way to disable IPV6
Whats the best way to disable ipv6, besides not loading the kernel modules?
disable IPV6 by updating modeprobe config: options ipv6 disable=1 or update /etc/sysconfig/network: NETWORKING_IPV6=no whare are the differences, pro&cons of both approaches? Do they conflict with each other? It is suffucient to have one of them? Or should we have both? |
AFAIK, the methods you posted are not effective. (At least in the latter case, I'm pretty sure it does nothing.) If you believe otherwise, just be sure to test thoroughly.
Here are my own notes on the topic: RHEL4 Code:
echo "alias net-pf-10 off" >> /etc/modprobe.confCode:
echo "alias net-pf-10 off" >> /etc/modprobe.conf |
What distro are you using? I ask because you might have IPv6 support built into the kernel instead of it being a module. You could grep your kernel config file for CONFIG_IPV6 to find out. In my case (built into kernel), what I did to disable IPv6 was to add an ipv6.disable=1 to my kernel lines. I use GRUB, so I just had to edit the GRUB_CMDLINE_LINUX_DEFAULT option in my /etc/default/grub file (then run update-grub). YMMV.
|
That's interesting. To tack on to my previous comments, I also located a few sysctl MIBs in Fedora 13 that look useful:
Code:
# sysctl -a | grep 'ipv6.*disable' |
How 'bout recompiling or buildig another version of the kernel with no IPV6 support then add another selection to grub?
|
Sorry, I posted that EoD last night. Not my best effort.
This is RHEL5.4. I can't rebuild the kernel, and in fact I want to disable IPV6 networking, while leaving the kernel modules there, and loadable as something else is using them outside of networking. (strange?) I inheirted a system with those settings and now I'm being asked to justify the difference. I have researched plenty of ways to disable IPv6, the information is typically do this xxxx. While I'm looking for "Do this xxx and it will disable IPv6 this way which is better/worse than doing it via grub etc" |
Red Hat doc
If you have access to the Red Hat knowledge base, there's an article here: https://access.redhat.com/knowledge/solutions/8709
And in case you don't have access, here's a copy/paste: Red Hat Enterprise Linux 4, 5, and 6 enable Internet Protocol Version 6 (IPv6) by default. However, in certain situations, some users may find it desirable to disable IPv6 support or to re-enable it after it has been disabled. For Red Hat Enterprise Linux 6, the tech brief Preparing for IPv6 Networking in Red Hat Enterprise Linux provides a broad introduction to IPv6 networking. Disabling IPv6 support in Red Hat Enterprise Linux 6 Create a file /etc/modprobe.d/ipv6.conf with the following contents: options ipv6 disable=1 For completeness, it is a good idea to configure the ip6tables service not to start at boot by issuing the following command: # chkconfig ip6tables off Reboot the system to disable IPv6 support. Note: There is a special case where this might not work, please see The "ipv6 disable=1" option does not seem to work on Red Hat Enterprise Linux 6 system. Re-enabling IPv6 support in Red Hat Enterprise Linux 6 Review the files under /etc/modprobe.d/ and remove (or comment out) any of the following lines: options ipv6 disable=1 install ipv6 /bin/true blacklist ipv6 Configure the ip6tables service to start at boot by issuing the following command: # chkconfig ip6tables on Reboot the system to activate IPv6 support. Disabling IPv6 support in Red Hat Enterprise Linux 5 Remove the following line (if present) from the /etc/modprobe.conf file: alias net-pf-10 ipv6 Add the following line to the /etc/modprobe.conf file: alias net-pf-10 off In versions of Red Hat Enterprise Linux before 5.4, add the following line to the /etc/modprobe.conf file: alias ipv6 off In Red Hat Enterprise Linux 5.4 and later, add the following line to the /etc/modprobe.conf file: options ipv6 disable=1 To prevent errors during the network initscript start routine, change the NETWORKING_IPV6 parameter in the /etc/sysconfig/network file to the following: NETWORKING_IPV6=no For completeness, it is a good idea to configure the ip6tables service not to start at boot by issuing the following command: # chkconfig ip6tables off Reboot the system to disable IPv6 support. Re-enabling IPv6 support in Red Hat Enterprise Linux 5 Remove the following lines (if present) from the /etc/modprobe.conf file: alias net-pf-10 off alias ipv6 off options ipv6 disable=1 Add the following line to the /etc/modprobe.conf file (if not present already): alias net-pf-10 ipv6 Change the NETWORKING_IPV6 parameter in the /etc/sysconfig/network file to the following: NETWORKING_IPV6=yes For completeness, it is a good idea to configure the ip6tables service to start at boot by issuing the following command: # chkconfig ip6tables on Reboot the system to re-enable IPv6 support. Disabling IPv6 support in Red Hat Enterprise Linux 4 Remove the following line (if present) from the /etc/modprobe.conf file: alias net-pf-10 ipv6 Add the following line to the /etc/modprobe.conf file: alias net-pf-10 off Reboot the system to disable IPv6 support. Re-enabling IPv6 support in Red Hat Enterprise Linux 4 Remove the following line from the /etc/modprobe.conf file: alias net-pf-10 off Add the following line to the /etc/modprobe.conf file: alias net-pf-10 ipv6 Reboot the system to re-enable IPv6 support. |
| All times are GMT -5. The time now is 12:56 AM. |