کامپیوتر، شبکه

Different methods to disable IPv6

First, let's check that ipv6 is enabled:

[foc@rocky9 ~]$ ip a
2: enp1s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 2273sec preferred_lft 2273sec
    inet6 fe80::5054:ff:fe01:bc2a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

The information expressed with inet6 in the output we get with the ip command belongs to ipv6. Let's look with sysctl command:

[foc@rocky9 ~]$ sysctl -a | grep -i ipv6
net.ipv6.auto_flowlabels = 1
net.ipv6.bindv6only = 0
net.ipv6.calipso_cache_bucket_size = 10
net.ipv6.calipso_cache_enable = 1
net.ipv6.conf.all.accept_dad = 0
...

Many values of ipv6 are displayed in the output. This indicates that ipv6 is enabled on the system.

ALSO READ:How to install EPEL Repository Rocky Linux? [SOLVED]

Method-1: Disable IPv6 with GUI

If you are using a server with a GUI, you can learn how to disable ipv6 in this step. Go to ipv6 settings in Settings > Network > Wired > IPv6. Then you can disable ipv6 with Disable > Apply.

Activate the changes by turning the network on/off.

You have simply and successfully disabled ipv6 from the GUI.

Method-2: Disable IPv6 with nmtui

There are several alternatives to disable ipv6 from the terminal screen. One of them is nmtui. Invoke nmtui with sudo in terminal:

Advertisement

[foc@rocky9 ~]$ sudo nmtui

Click on Edit a connediton.

Select the interface you want to edit.

Go to IPv6 with the arrow keys on the keyboard. Then select Disabled and click OK.

Run the ip command from the terminal and you can see that ipv6 is not available.

[foc@rocky9 ~]$ ip a
...
2: enp1s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3593sec preferred_lft 3593sec

Method-3: Disable IPv6 in Grub Boot Loader

Since ipv6 is not disabled in the kernel version you are using, it can be enabled automatically when the system restarts. For this, it must be disabled from the grub settings.

ALSO READ:OpenLDAP Migration Tutorial [Step-by-Step]

Check the "GRUB_CMDLINE" value in grub before making changes:

[foc@rocky9 ~]$ grep "GRUB_CMDLINE" /etc/default/grub
GRUB_CMDLINE_LINUX="resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap"

Write the value "ipv6.disable=1" to the group with the sed command:

[foc@rocky9 ~]$ sudo sed -i '/GRUB_CMDLINE_LINUX/ s/"$/ ipv6.disable=1"/' /etc/default/grub

Check the GRUB_CMDLINE value again:

Advertisement

[foc@rocky9 ~]$ grep "GRUB_CMDLINE" /etc/default/grub
GRUB_CMDLINE_LINUX="resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap ipv6.disable=1"

Then apply the changes:

[foc@rocky9 ~]$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done

Reboot the system:

[foc@rocky9 ~]$ sudo reboot

Check ipv6 with sysctl command:

[foc@rocky9 ~]$ sudo sysctl -a | grep -i ipv6

It is expected that there will be no output as a result of the command. With this step, ipv6 is disabled.

Method-4: Disable IPv6 using grubby

In this step, grub editing will be done using grubby. This step can be simpler and faster.

Edit grub settings using grubby:

Advertisement

[foc@rocky9 ~]$ sudo grubby --args ipv6.disable=1 --update-kernel DEFAULT

When you pull the grub settings, you can see that the disabled value is entered for ipv6:

[foc@rocky9 ~]$ sudo grubby --info DEFAULT
index=0
kernel="/boot/vmlinuz-5.14.0-70.22.1.el9_0.x86_64"
args="ro resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap ipv6.disable=1"
...

After this process, reboot the system:

[foc@rocky9 ~]$ sudo reboot

When you pull the ipv6 settings on the system with sysctl, you can see that there are no settings for ipv6:

[foc@rocky9 ~]$ sudo sysctl -a | grep -i ipv6

The command should have a blank output, which means that all ipv6 modules have been removed from the kernel.

ALSO READ:Configure OpenLDAP Master Slave replication Rocky Linux 8

Method-5: Disable IPv6 Temporarily

The ipv6 disable steps made in this step are temporary. Sometimes it may be necessary to disable it for a short time. Run the following commands in order:

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.all.disable_ipv6 = 1

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6 = 1

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6 = 1

When you query the network information again with "ip a", you can see that the ipv6 line is missing:

[foc@rocky9 ~]$ ip a
...
2: enp1s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3518sec preferred_lft 3518sec

Method-6: Disable IPv6 Permanently

Another method to disable ipv6 from terminal is to edit the sysctl.conf file. Open the sysctl.conf file with an editor:

[foc@rocky9 ~]$ sudo vi /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6 = 1

View the settings entered with the -p parameter:

[foc@rocky9 ~]$ sudo sysctl -p
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

To check that ipv6 is disabled:

[foc@rocky9 ~]$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6

You can see that ipv6 is not active when checked with the ip command:

Advertisement

[foc@rocky9 ~]$ ip a
...
2: enp1s0:  mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3355sec preferred_lft 3355sec

ALSO READ:16 Linux ip command examples to configure network interfaces (cheatsheet)

Summary

We have provided solutions to the problem of disabling ipv6 with different methods. Alternatives are always available in Linux. You can apply whichever is easier for you.

link