Here are simple steps to disable ipv6 in Debian:
- Comment out anything related to ipv6 in /etc/hosts
- SSH. Ensure AddressFamily inet is set in /etc/ssh/sshd_config. Restart ssh.
- BIND. Ensure listen-on-v6 { none; }; in /etc/bind/named.conf.options. Restart bind9.
- NTP. Ensure -4 option is set in /etc/default/ntp (e.g. NTPD_OPTS='-4 -g'). Restart ntp.
- APACHE2. Ensure Listen 0.0.0.0:80 in /etc/apache2/ports.conf file. Restart apache2.
- RPCBIND (rpc.statd, rpc.mountd). Comment out the appropriate entries in /etc/netconfig:
udp tpi_clts v inet udp - -
tcp tpi_cots_ord v inet tcp - -
#udp6 tpi_clts v inet6 udp - -
#tcp6 tpi_cots_ord v inet6 tcp - -
rawip tpi_raw - inet - - -
local tpi_cots_ord - loopback - - -
unix tpi_cots_ord - loopback - - -
- PostgreSQL 9. Ensure ipv4 in listen_addresses (file /etc/postgresql/9.1/main/postgresql.conf):
# - Connection Settings
listen_addresses = '0.0.0.0'
Comment out lines related to ipv6 (file /etc/postgresql/9.1/main/pg_hba.conf):
# IPv6 local connections:
#host all all ::1/128 md5
Restart postgresql.
- Disable ipv6 in kernel:
echo net.ipv6.conf.all.disable_ipv6=1 \
> /etc/sysctl.d/disableipv6.conf
- Disable ipv6 in kernel modules (file /etc/modprobe.d/aliases.conf):
# alias net-pf-10 ipv6
alias net-pf-10 off
alias ipv6 off
The next time the system boots it will have ipv6 disabled. Let verify it with:
netstat -tunlp
Here is a sample output:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 192.168.10.2:53 0.0.0.0:* LISTEN 895/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 895/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 734/sshd
tcp 0 0 127.0.0.1:953 0.0.0.0:* LISTEN 895/named
udp 0 0 192.168.10.2:53 0.0.0.0:* 895/named
udp 0 0 127.0.0.1:53 0.0.0.0:* 895/named
Read more about ipv6
here.
Posts
.... But why?
ReplyDeletePractically, you don't need it... thus there is a way get rid of it.
DeleteThank your for the post. It helps me solving NTP issue.
ReplyDelete