Disable IPv6

From Notes to self
Revision as of 14:05, 28 November 2020 by Verbovet (talk | contribs)
Jump to navigation Jump to search
  • The kernel option ipv6.disable=1 disables the whole IPv6 stack
  • If using the kernel option is not possible, add the following parameters to /etc/sysctl.conf:
# Disable IPv6
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
...

to prevent configuration of IPv6 for listed interfaces.

  • To force ntpd to not use IPv6 add -4 to
CMDLINE="/usr/sbin/ntpd -4 -g"

in /etc/rc.d/rc.ntpd

  • To force sshd to listen IPv4 only add
AddressFamily inet

to /etc/ssh/sshd_config

  • To force httpd to listen IPv4 only, specify an IPv4 address on all Listen directives, for example,
Listen 0.0.0.0:80

(in /etc/httpd/httpd.conf and/or /etc/httpd/extra/httpd-ssl.conf)

  • To disable IPv6 in bind put
NAMED_OPTIONS="-4"

to /etc/default/named and add 

filter-aaaa-on-v4 yes;

to options in /etc/named.conf

  • To disable IPv6 in postfix use the option inet_protocols in /etc/postfix/main.cf
  • To disable IPv6 in sendmail use the option Family=inet in DAEMON_OPTIONS and CLIENT_OPTIONS
Retrieved from "https://alik.ejik.org/index.php?title=Disable_IPv6&oldid=1987"