Disable IPv6: Difference between revisions

Latest revision as of 19:01, 27 October 2025

The kernel option ipv6.disable=1 disables the whole IPv6 stack
If using the kernel option is not possible, add the following parameters to /etc/sysctl.conf:

# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
...

to prevent configuration of IPv6 for listed interfaces.

To configure glibc to prefer ipv4 over ipv6 create /etc/gai.conf:

# Always prefer IPv4 connections
precedence ::ffff:0:0/96  100

Getting chrony to not use IPv6 create/edit /etc/default/chrony:

CHRONYD_ARGS="-4"

To force ntpd to not use IPv6 add -4 to $NTPD_OPTS in /etc/default/ntp

Also comment out 2 lines in /etc/ntp.conf:

#restrict -6 default limited kod nomodify notrap nopeer noquery
#restrict ::1

To force sshd to listen IPv4 only add

AddressFamily inet

to /etc/ssh/sshd_config

To force httpd to listen IPv4 only, specify an IPv4 address on all Listen directives, for example,

Listen 0.0.0.0:80

(in /etc/httpd/httpd.conf and/or /etc/httpd/extra/httpd-ssl.conf)

To disable IPv6 in bind add -4 to NAMED_OPTIONS in /etc/default/named, add

listen-on-v6 { none; };

to options in /etc/named.conf, and add

plugin query "/usr/lib64/named/filter-aaaa.so" {
  filter-aaaa-on-v4 yes;
  filter-aaaa-on-v6 yes;
};

after options in /etc/named.conf

To disable IPv6 in postfix use the option inet_protocols in /etc/postfix/main.cf
To disable IPv6 in sendmail use the option Family=inet in DAEMON_OPTIONS and CLIENT_OPTIONS

@@ Line 7: / Line 7: @@
 net.ipv6.conf.eth0.disable_ipv6 = 1
 ...</pre>to prevent configuration of IPv6 for listed interfaces.
-*To force <code>ntpd</code> to not use IPv6 add <code>-4</code> to
+*To configure glibc to prefer ipv4 over ipv6 create <code>/etc/gai.conf</code>:
-<pre>CMDLINE="/usr/sbin/ntpd -4 -g"</pre>
+<pre>
-in <code>/etc/rc.d/rc.ntpd</code>
+# Always prefer IPv4 connections
+precedence ::ffff:0:0/96  100
+</pre>
+*Getting chrony to not use IPv6 create/edit <code>/etc/default/chrony</code>:
+<pre>
+CHRONYD_ARGS="-4"</pre>
+*To force <code>ntpd</code> to not use IPv6 add <code>-4</code> to $NTPD_OPTS in <code>/etc/default/ntp</code>
+:Also comment out 2 lines in <code>/etc/ntp.conf</code>:
+<pre>#restrict -6 default limited kod nomodify notrap nopeer noquery
+#restrict ::1</pre>
 *To force <code>sshd</code> to listen IPv4 only add
 <pre>AddressFamily inet</pre>
@@ Line 16: / Line 25: @@
 <pre>Listen 0.0.0.0:80</pre>
 (in <code>/etc/httpd/httpd.conf</code> and/or <code>/etc/httpd/extra/httpd-ssl.conf</code>)
-*To disable IPv6 in <code>bind</code> put
+*To disable IPv6 in <code>bind</code> add <code>-4</code> to <code>NAMED_OPTIONS</code> in <code>/etc/default/named</code>, add
-<pre>NAMED_OPTIONS="-4"</pre>
+<pre>listen-on-v6 { none; };</pre>
-to <code>/etc/default/named</code> and add
+to <code>options</code> in <code>/etc/named.conf</code>, and add
 <pre>plugin query "/usr/lib64/named/filter-aaaa.so" {
    filter-aaaa-on-v4 yes;
    filter-aaaa-on-v6 yes;
 };</pre>
-to <code>options</code> in <code>/etc/named.conf</code>
+after <code>options</code> in <code>/etc/named.conf</code>
 *To disable IPv6 in <code>postfix</code> use the option <code>inet_protocols</code> in <code>/etc/postfix/main.cf</code>
 *To disable IPv6 in <code>sendmail</code> use the option <code>Family=inet</code> in <code>DAEMON_OPTIONS</code> and <code>CLIENT_OPTIONS</code>
 [[Category: Linux]]

Disable IPv6: Difference between revisions

Latest revision as of 19:01, 27 October 2025

Navigation menu

Search