LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (http://www.linuxquestions.org/questions/linux-general-1/)
-   -   Best Way to disable IPV6 (http://www.linuxquestions.org/questions/linux-general-1/best-way-to-disable-ipv6-815737/)

idlehands 06-22-2010 02:37 PM

Best Way to disable IPV6
 
Whats the best way to disable ipv6, besides not loading the kernel modules?

disable IPV6 by updating modeprobe config:
options ipv6 disable=1

or update /etc/sysconfig/network:
NETWORKING_IPV6=no


whare are the differences, pro&cons of both approaches? Do they conflict with each other? It is suffucient to have one of them? Or should we have both?

anomie 06-22-2010 02:50 PM

AFAIK, the methods you posted are not effective. (At least in the latter case, I'm pretty sure it does nothing.) If you believe otherwise, just be sure to test thoroughly.

Here are my own notes on the topic:

RHEL4
Code:

echo "alias net-pf-10 off" >> /etc/modprobe.conf
RHEL5
Code:

echo "alias net-pf-10 off" >> /etc/modprobe.conf
echo "alias ipv6 off" >> /etc/modprobe.conf


win32sux 06-22-2010 03:26 PM

What distro are you using? I ask because you might have IPv6 support built into the kernel instead of it being a module. You could grep your kernel config file for CONFIG_IPV6 to find out. In my case (built into kernel), what I did to disable IPv6 was to add an ipv6.disable=1 to my kernel lines. I use GRUB, so I just had to edit the GRUB_CMDLINE_LINUX_DEFAULT option in my /etc/default/grub file (then run update-grub). YMMV.

anomie 06-22-2010 03:57 PM

That's interesting. To tack on to my previous comments, I also located a few sysctl MIBs in Fedora 13 that look useful:
Code:

# sysctl -a | grep 'ipv6.*disable'
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
net.ipv6.conf.eth0.disable_ipv6 = 0

(As you've probably realized by now, it is usually a good idea to include the distro / version you're using in your first post.)

konsolebox 06-23-2010 12:31 AM

How 'bout recompiling or buildig another version of the kernel with no IPV6 support then add another selection to grub?

idlehands 06-23-2010 06:44 AM

Sorry, I posted that EoD last night. Not my best effort.

This is RHEL5.4.

I can't rebuild the kernel, and in fact I want to disable IPV6 networking, while leaving the kernel modules there, and loadable as something else is using them outside of networking. (strange?) I inheirted a system with those settings and now I'm being asked to justify the difference. I have researched plenty of ways to disable IPv6, the information is typically do this xxxx.

While I'm looking for "Do this xxx and it will disable IPv6 this way which is better/worse than doing it via grub etc"

CassandraToday 12-04-2012 09:58 AM

Red Hat doc
 
If you have access to the Red Hat knowledge base, there's an article here: https://access.redhat.com/knowledge/solutions/8709

And in case you don't have access, here's a copy/paste:

Red Hat Enterprise Linux 4, 5, and 6 enable Internet Protocol Version 6 (IPv6) by default. However, in certain situations, some users may find it desirable to disable IPv6 support or to re-enable it after it has been disabled.

For Red Hat Enterprise Linux 6, the tech brief Preparing for IPv6 Networking in Red Hat Enterprise Linux provides a broad introduction to IPv6 networking.

Disabling IPv6 support in Red Hat Enterprise Linux 6

Create a file /etc/modprobe.d/ipv6.conf with the following contents:

options ipv6 disable=1

For completeness, it is a good idea to configure the ip6tables service not to start at boot by issuing the following command:

# chkconfig ip6tables off

Reboot the system to disable IPv6 support.

Note: There is a special case where this might not work, please see The "ipv6 disable=1" option does not seem to work on Red Hat Enterprise Linux 6 system.

Re-enabling IPv6 support in Red Hat Enterprise Linux 6

Review the files under /etc/modprobe.d/ and remove (or comment out) any of the following lines:

options ipv6 disable=1
install ipv6 /bin/true
blacklist ipv6

Configure the ip6tables service to start at boot by issuing the following command:

# chkconfig ip6tables on

Reboot the system to activate IPv6 support.

Disabling IPv6 support in Red Hat Enterprise Linux 5

Remove the following line (if present) from the /etc/modprobe.conf file:

alias net-pf-10 ipv6

Add the following line to the /etc/modprobe.conf file:

alias net-pf-10 off

In versions of Red Hat Enterprise Linux before 5.4, add the following line to the /etc/modprobe.conf file:

alias ipv6 off

In Red Hat Enterprise Linux 5.4 and later, add the following line to the /etc/modprobe.conf file:

options ipv6 disable=1

To prevent errors during the network initscript start routine, change the NETWORKING_IPV6 parameter in the /etc/sysconfig/network file to the following:

NETWORKING_IPV6=no

For completeness, it is a good idea to configure the ip6tables service not to start at boot by issuing the following command:

# chkconfig ip6tables off

Reboot the system to disable IPv6 support.

Re-enabling IPv6 support in Red Hat Enterprise Linux 5

Remove the following lines (if present) from the /etc/modprobe.conf file:

alias net-pf-10 off
alias ipv6 off
options ipv6 disable=1

Add the following line to the /etc/modprobe.conf file (if not present already):

alias net-pf-10 ipv6

Change the NETWORKING_IPV6 parameter in the /etc/sysconfig/network file to the following:

NETWORKING_IPV6=yes

For completeness, it is a good idea to configure the ip6tables service to start at boot by issuing the following command:

# chkconfig ip6tables on

Reboot the system to re-enable IPv6 support.

Disabling IPv6 support in Red Hat Enterprise Linux 4

Remove the following line (if present) from the /etc/modprobe.conf file:

alias net-pf-10 ipv6

Add the following line to the /etc/modprobe.conf file:

alias net-pf-10 off

Reboot the system to disable IPv6 support.

Re-enabling IPv6 support in Red Hat Enterprise Linux 4

Remove the following line from the /etc/modprobe.conf file:

alias net-pf-10 off

Add the following line to the /etc/modprobe.conf file:

alias net-pf-10 ipv6

Reboot the system to re-enable IPv6 support.


All times are GMT -5. The time now is 11:16 PM.