PROPERLY disable IPv6 in Rocky Linux [SOLVED]


Rocky Linux

Author: Omer Cakmak
Reviewer: Deepak Prasad

IPv6(128-bit address) is a protocol that will replace the IPv4(32-bit address) network protocol and provide a much larger network address space usage. It is present in almost all linux distributions today and is in enable mode. You may need to disable it for some reason. There are multiple ways to disable ipv6 in Rocky Linux. Now let's examine it in order.

 

Different methods to disable IPv6

First, let's check that ipv6 is enabled:

[foc@rocky9 ~]$ ip a
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 2273sec preferred_lft 2273sec
    inet6 fe80::5054:ff:fe01:bc2a/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

The information expressed with inet6 in the output we get with the ip command belongs to ipv6. Let's look with sysctl command:

[foc@rocky9 ~]$ sysctl -a | grep -i ipv6
net.ipv6.auto_flowlabels = 1
net.ipv6.bindv6only = 0
net.ipv6.calipso_cache_bucket_size = 10
net.ipv6.calipso_cache_enable = 1
net.ipv6.conf.all.accept_dad = 0
...

Many values of ipv6 are displayed in the output. This indicates that ipv6 is enabled on the system.

 

Method-1: Disable IPv6 with GUI

If you are using a server with a GUI, you can learn how to disable ipv6 in this step. Go to ipv6 settings in Settings > Network > Wired > IPv6. Then you can disable ipv6 with Disable > Apply.

disable ipv6

 

Activate the changes by turning the network on/off.

PROPERLY disable IPv6 in Rocky Linux [SOLVED]

You have simply and successfully disabled ipv6 from the GUI.

 

Method-2: Disable IPv6 with nmtui

There are several alternatives to disable ipv6 from the terminal screen. One of them is nmtui. Invoke nmtui with sudo in terminal:

[foc@rocky9 ~]$ sudo nmtui

Click on Edit a connediton.

PROPERLY disable IPv6 in Rocky Linux [SOLVED]

 

Select the interface you want to edit.

PROPERLY disable IPv6 in Rocky Linux [SOLVED]

 

Go to IPv6 with the arrow keys on the keyboard. Then select Disabled and click OK.

PROPERLY disable IPv6 in Rocky Linux [SOLVED]

Run the ip command from the terminal and you can see that ipv6 is not available.

[foc@rocky9 ~]$ ip a
...
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3593sec preferred_lft 3593sec

 

Method-3: Disable IPv6 in Grub Boot Loader

Since ipv6 is not disabled in the kernel version you are using, it can be enabled automatically when the system restarts. For this, it must be disabled from the grub settings.

Check the "GRUB_CMDLINE" value in grub before making changes:

[foc@rocky9 ~]$ grep "GRUB_CMDLINE" /etc/default/grub
GRUB_CMDLINE_LINUX="resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap"

Write the value "ipv6.disable=1" to the group with the sed command:

[foc@rocky9 ~]$ sudo sed -i '/GRUB_CMDLINE_LINUX/ s/"$/ ipv6.disable=1"/' /etc/default/grub

Check the GRUB_CMDLINE value again:

[foc@rocky9 ~]$ grep "GRUB_CMDLINE" /etc/default/grub
GRUB_CMDLINE_LINUX="resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap ipv6.disable=1"

Then apply the changes:

[foc@rocky9 ~]$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done

Reboot the system:

[foc@rocky9 ~]$ sudo reboot

Check ipv6 with sysctl command:

[foc@rocky9 ~]$ sudo sysctl -a | grep -i ipv6

It is expected that there will be no output as a result of the command. With this step, ipv6 is disabled.

 

Method-4: Disable IPv6 using grubby

In this step, grub editing will be done using grubby. This step can be simpler and faster.

Edit grub settings using grubby:

[foc@rocky9 ~]$ sudo grubby --args ipv6.disable=1 --update-kernel DEFAULT

When you pull the grub settings, you can see that the disabled value is entered for ipv6:

[foc@rocky9 ~]$ sudo grubby --info DEFAULT
index=0
kernel="/boot/vmlinuz-5.14.0-70.22.1.el9_0.x86_64"
args="ro resume=/dev/mapper/rl-swap rd.lvm.lv=rl/root rd.lvm.lv=rl/swap ipv6.disable=1"
...

After this process, reboot the system:

[foc@rocky9 ~]$ sudo reboot

When you pull the ipv6 settings on the system with sysctl, you can see that there are no settings for ipv6:

[foc@rocky9 ~]$ sudo sysctl -a | grep -i ipv6

The command should have a blank output, which means that all ipv6 modules have been removed from the kernel.

 

Method-5: Disable IPv6 Temporarily

The ipv6 disable steps made in this step are temporary. Sometimes it may be necessary to disable it for a short time. Run the following commands in order:

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.all.disable_ipv6 = 1

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6 = 1

[foc@rocky9 ~]$ sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6 = 1

When you query the network information again with "ip a", you can see that the ipv6 line is missing:

[foc@rocky9 ~]$ ip a
...
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3518sec preferred_lft 3518sec

 

Method-6: Disable IPv6 Permanently

Another method to disable ipv6 from terminal is to edit the sysctl.conf file. Open the sysctl.conf file with an editor:

[foc@rocky9 ~]$ sudo vi /etc/sysctl.conf

net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.lo.disable_ipv6 = 1

View the settings entered with the -p parameter:

[foc@rocky9 ~]$ sudo sysctl -p
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

To check that ipv6 is disabled:

[foc@rocky9 ~]$ cat /proc/sys/net/ipv6/conf/all/disable_ipv6

You can see that ipv6 is not active when checked with the ip command:

[foc@rocky9 ~]$ ip a
...
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:01:bc:2a brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.238/24 brd 192.168.122.255 scope global dynamic noprefixroute enp1s0
       valid_lft 3355sec preferred_lft 3355sec

 

Summary

We have provided solutions to the problem of disabling ipv6 with different methods. Alternatives are always available in Linux. You can apply whichever is easier for you.

 

References

 

Omer Cakmak

Omer Cakmak

He is highly skilled at managing Debian, Ubuntu, CentOS, Oracle Linux, and Red Hat servers. Proficient in bash scripting, Ansible, and AWX central server management, he handles server operations on OpenStack, KVM, Proxmox, and VMware. You can connect with him on his LinkedIn profile.

Can't find what you're searching for? Let us assist you.

Enter your query below, and we'll provide instant results tailored to your needs.

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

Buy GoLinuxCloud a Coffee

For any other feedbacks or questions you can send mail to admin@golinuxcloud.com

Thank You for your support!!

Leave a Comment