Recently, one of my friends asked me how to disable IPv6. After searching a bit, I found the following solution. Here are the steps that I followed to disable IPv6 in my CentOS 7 minimal server.
I explained to him that IPv6 was a 64-bit address space that exponentially increased the number of network addresses.
It was introduced in 2012 when it was clear that the internet could not keep up with the fast-growing number of devices connected using the 32-bit address space IPv4 offers.
Though a decade has passed since its introduction, not every network runs IPv6. Worse, keeping it enabled is known to cause issues.
You can do it in two methods.
Method 1
Edit file /etc/sysctl.conf,
vi /etc/sysctl.conf
Add the following lines:
net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1
If you want to disable IPV6 for particular network card, for example enp0s3, add the following entry.
net.ipv6.conf.enp0s3.disable_ipv6 = 1
Save and exit the file.
Execute the following command to reflect the changes.
sysctl -p
Method 2:
Technically, you don’t need to disable IPv6 completely to stop it from causing issues. You can simply block it from assigning network addresses to network interfaces.
In fact, this method is recommended over other methods since it reduces the odds of you running into other issues. This is because some applications expect IPv6 to remain enabled, and if it isn’t, they throw errors.
To IPv6 disable in the running system, enter the following commands one by one:
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6 echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
or,
sysctl -w net.ipv6.conf.all.disable_ipv6=1 sysctl -w net.ipv6.conf.default.disable_ipv6=1
That’s it. Now IPv6 has been disabled.
Disabling IPv6 on Specific Network Interfaces
It’s possible to be more picky about the network interfaces where you want IPv6 to work and not work. You can specify the interfaces you want IPv6 to not work on in the net.ipv6.conf configuration.
For example, if you want to disable IPv6 on nic0, this is how you could do it:
sysctl -w net.ipv6.conf.nic0.disable_ipv6=1 |
Of course, you can also enable it on nic0 by setting the value to 0, like so:
sysctl -w net.ipv6.conf.nic0.disable_ipv6=0 |
What If I get issues after disabling IPv6?
You may get problems after disabling IPv6.
Issue 1:
if you get issues with SSH after disabling IPv6, do the following.
Edit /etc/ssh/sshd_config file,
vi /etc/ssh/sshd_config
Find the line;
#AddressFamily any
And. change it to:
AddressFamily inet
or,
Remove the hash mark (#) in front of the line:
#ListenAddress 0.0.0.0
Then, restart ssh to reflect the changes.
systemctl restart sshd
Issue 2:
If you get problems with starting postfix after disabling IPv6, edit /etc/postfix/main.cf file;
vi /etc/postfix/main.cf
and comment out the localhost part of the config and use ipv4 loopback.
#inet_interfaces = localhost inet_interfaces = 127.0.0.1
Enabling IPv6 if Errors Appear
If you run into some issues that you aren’t able to solve or want to reenable IPv6 for any reason, all you have to do is set the same kernel parameters to 0.
To enable the IPv6 stack on all interfaces, run:
sysctl -w net.ipv6.conf.all.disable_ipv6=0 |
That’s it. Cheers!