Disable IPv6: Difference between revisions

• The kernel option ipv6.disable=1 disables the whole IPv6 stack
• If using the kernel option is not possible, add the following parameters to /etc/sysctl.conf:

# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
...

to prevent configuration of IPv6 for listed interfaces.

• To force ntpd to not use IPv6 add -4 to the options of ntpd in the finction ntpd_start in /etc/rc.d/rc.ntpd
• /etc/rc.d/rc.local

# Ensure the existence of /var/lib/dbus/machine-id and /etc/machine-id
if [ -x /usr/bin/dbus-uuidgen -a ! -x /etc/rc.d/rc.messagebus ] ; then
  rm -f /var/lib/dbus/machine-id
  rm -f /etc/machine-id
  /usr/bin/dbus-uuidgen --ensure
  ln -s /var/lib/dbus/machine-id /etc/machine-id                                fi

• /etc/rc.d/rc.local_shutdown

#!/bin/bash
#
# /etc/rc.d/rc.local_shutdown:  Local system shutdown script.
#
# Put anything that needs to be run at shutdown time in here.

# Clean /tmp
/usr/bin/find /tmp -mindepth 1 -delete

• To force sshd to listen IPv4 only add

AddressFamily inet

to /etc/ssh/sshd_config

• To force httpd to listen IPv4 only, specify an IPv4 address on all Listen directives, for example,

Listen 0.0.0.0:80

(in /etc/httpd/httpd.conf and/or /etc/httpd/extra/httpd-ssl.conf)

• To disable IPv6 in bind add -4 to NAMED_OPTIONS in /etc/default/named, add

listen-on-v6 { none; };

to options in /etc/named.conf, and add

plugin query "/usr/lib64/named/filter-aaaa.so" {
  filter-aaaa-on-v4 yes;
  filter-aaaa-on-v6 yes;
};

after options in /etc/named.conf

• To disable IPv6 in postfix use the option inet_protocols in /etc/postfix/main.cf
• To disable IPv6 in sendmail use the option Family=inet in DAEMON_OPTIONS and CLIENT_OPTIONS