Re: Disabling IPv6 and other networking protocols: Best Practice?
On Tue, 7 Aug 2012 19:08:14 +0200
Michael Fladerer <fladerer@fnb.tu-darmstadt.de> wrote:
>On Tue Aug 07, 2012 at 17:09:50 +0100, Laurie Mercer wrote:
>> I would like to disable IPv6, and some transport layer protocols, RDS, TIPC
>> etc
>>
>> However I am unsure of the best practise in doing this.
>>
>> So far I am disabling IPv6 using the sysctl command:
>>
>> sysctl -w net.ipv6.conf.all.disable_ipv6 = 1
>> sysctl -w net.ipv6.conf.default.disable_ipv6 = 1
>>
>> Then, making sure it is disabled in perpetuity by editing /etc/sysctl.conf
>> to include the following lines:
>>
>> net.ipv6.conf.all.disable_ipv6 = 1
>> net.ipv6.conf.default.disable_ipv6 = 1
>
>I'd say that's the way to go, at least for in-kernel drivers/interfaces.
>AFAIK blacklisting isn't possible here.
You could also pass ipv6.disable=1 on kernel command line during boot to
disable IPv6 support completely (there was some bug where disabling above
sysctl parameters did not actually disable IPv6 support for given interface -
not sure if it's still current).
Regards,
--
Andrej Kacian
Reply to: