Disabling IPv6 on CentOS 5.2

Greeting,

I am having a problem on my CentOS 5.2 Xen linode with disabling IPv6

I have tried all of the following, none of which have worked.

-Setting "NETWORKING_IPV6=no" in /etc/sysconfig/network

-Setting the following in /etc/sysconfig/network-scripts/ifcfg-eth0

IPV6INIT=no

IPV6_AUTOCONF=no

IPV6ADDR=

IPV6PREFIX=

-Ensured that there are no IPv6 addresses in /etc/hosts.

I have also tried various tricks in /etc/modprobe.conf to disable the IPv6 driver though the IPv6 module has never appeared in lsmod output. I suspect it has something to do with running in a domU (I am fairly new to Xen).

Does anyone know how to actually disable IPv6 under CentOS 5.2?

5 Replies

Quick google yeilded:

http://wiki.centos.org/FAQ/CentOS5?high … 366b421dc4">http://wiki.centos.org/FAQ/CentOS5?highlight=(ipv6)#head-47912ebdae3b5ac10ff76053ef057c366b421dc4

Why are you disabling IPv6 out of interest?

I should have mentioned everything I tried for completeness. I already tries those changes as well as attempting to do "install ipv6 /bin/false" in /etc/modprobe.conf (also tried it with /bin/true ).

I have used the method described on the CentOS 5 FAQ several times before with sucess, but it isn't working on my Xen linode (though I did just noticed that my other Xen based system have ipv6 enabled as well, going to experiment with them as well).

As for the why, I don't have a used for it, no point in configuring something I won't use. Not to mention I have had problems in the past (though mostly on Solaris 8 and Solaris 9) with some applications running into subtle problems when there are IPv6 interfaces/IPs configured but not fully functional.

The "install ipv6 /bin/false" method in the /etc/modprobe.conf file does not work because the kernels used with a Linode (or most other virtual solutions) are typically built with the majority of common modules as "built-in" versus "loadable modules". I don't know about CentOS specifically, but disabling the autoconf and accept_ra should prevent an address from being assigned, but the module will still be loaded. I do not believe it possible in a standard kernel to remove (rmmod) a built-in module.

I understand you had problems in the past with IPv6 support, but I would gander that you will probably have more trouble at this point by not having IPv6 support loaded versus having it. Tunnels aside, the fe80 addresses generated are local addresses and will not be routed.

I have noticed that lack of modules present via the empty output that lsmod produces. It is interesting since XenSource (now owned by Citrix) systems I manage at work use loadable modules instead of having everything built-in. I know that Citrix doesn't use stock Xen kernels, but tweaks them in various ways so I wonder if that is one of their tweaks.

Out of curiosity what type of Xen kernel does Linode use? I noticed that they have custom kernel version strings (at least under CentOS 5) so I am wonder which Xen kernels the linode ones are based upon.

I hadn't though about actually disabling features in the module once loaded. I wonder if having the driver loaded but intentionally hobbled would lead to any similar subtle but annoying problems. Still it is something to try, I will experiment with it. Thank you for the idea.

As for leaving it enabled, again if you don't need something and have no intent of using it there is no point in leaving it installed/enabled.

I have yet to (thankfully) encounter an application or program that has problems when IPv6 is properly disabled in the OS and in the application. I have however (as mentioned) run into problems with applications that were not IPv6 aware and were doing stupid things like getting lists of all possible addresses, regardless of class, assuming them all to be the inet class and then attempting to use them as such. Granted, as mentioned, this was some time ago on Solaris 8 and 9 (and I have a vague recollection of a problem under RHEL 3). The newer OSes/application are probably much more tolerant of IPv6.

Using built-in modules has the advantage of a slightly lower memory footprint and a huge advantage when it comes to supporting multiple distributions. The source for the Linode kernels is at http://www.linode.com/src.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct