systemd / systemd

The systemd System and Service Manager
https://systemd.io
GNU General Public License v2.0

sysctl.d disable_ipv6 not working as expected #34782

Open SunBlade-ger opened 1 month ago

SunBlade-ger commented 1 month ago

systemd version the issue has been seen with

systemd 256.7-1

Used distribution

Arch

Linux kernel version used

6.11.2-zen1-1-zen

CPU architectures issue was seen on

x86_64

Component

systemd-networkd, systemd-sysctl

Expected behaviour you didn't see

All network interfaces should start up with IPv6 disabled if sysctl.d specifies this:

#> cat /etc/sysctl.d/99-Custom.conf
net.ipv6.conf.all.disable_ipv6=1

After a reboot all interfaces should start with IPv6 disabled:

#> sysctl net.ipv6.conf | grep -F "disable_ipv6"
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lan.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

Unexpected behaviour you saw

On boot networkd forcefully enables IPv6 on interfaces which have proper IPv6 in their config files

#> sysctl net.ipv6.conf | grep -F "disable_ipv6"
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lan.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 1

#> cat /etc/systemd/network/10-eth0.network
[Match]
Name=eth0

[Link]
RequiredForOnline=no

[Network]
MACVLAN=lan
IPv6LinkLocalAddressGenerationMode=none

#> cat /etc/systemd/network/10-lan.network
[Match]
Name=lan

[Link]
MACAddress=52:54:00:AC:3B:00
RequiredForOnline=yes

[Network]
DHCP=ipv4
DNSOverTLS=no
IPv6LinkLocalAddressGenerationMode=random
IPv6PrivacyExtensions=yes

[DHCPv4]
SendHostname=true
ClientIdentifier=mac
UseDNS=true
UseNTP=true

Steps to reproduce the problem

  1. properly configure IPv6 on a network interface via networkd
  2. disable IPv6 on boot via sysctl.d

Request:

Please clarify if this is the intended behaviour of networkd. If it is:

Reason:

The user should be able to easily enable/disable IPv6 for testing purposes. Currently this can be done with:

#> sysctl -w net.ipv6.conf.all.disable_ipv6={0|1}

To that extent the user should also be able to specify the state at boot time.

Additional program output to the terminal or log subsystem illustrating the issue

No response

yuwata commented 1 month ago

You need to set default first, then set all. Please try something like the following:

net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.all.disable_ipv6=1

yuwata commented 1 month ago

Ahh, you also need to disable IPv6LL by LinkLocalAddressing=no.

SunBlade-ger commented 1 month ago

> You need to set default first, then set all. Please try something like the following:
>
> net.ipv6.conf.default.disable_ipv6=1
> net.ipv6.conf.all.disable_ipv6=1

no luck, networkd still overwrites disable_ipv6.

#> cat /etc/sysctl.d/99-Custom.conf
net.ipv6.conf.default.disable_ipv6=1
net.ipv6.conf.all.disable_ipv6=1

#> sysctl net.ipv6.conf | grep -F "disable_ipv6"
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lan.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 1

> Ahh, you also need to disable IPv6LL by LinkLocalAddressing=no.

this also does not work like expected.

#> cat /etc/systemd/network/10-lan.network
[Match]
Name=lan

[Link]
MACAddress=52:54:00:AC:3B:00
RequiredForOnline=yes

[Network]
DHCP=ipv4
DNSOverTLS=no
IPv6LinkLocalAddressGenerationMode=random
IPv6PrivacyExtensions=yes
LinkLocalAddressing=no

[DHCPv4]
SendHostname=true
ClientIdentifier=mac
UseDNS=true
UseNTP=true

while it sets disable_ipv6 to 1 at boot time ...

#> sysctl net.ipv6.conf | grep -F "disable_ipv6"
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lan.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

... it also prevents the enabling of IPv6 on that interface:

#> sysctl -w net.ipv6.conf.all.disable_ipv6=0
net.ipv6.conf.all.disable_ipv6 = 0

#> sysctl net.ipv6.conf | grep -F "disable_ipv6"
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.eth0.disable_ipv6 = 0
net.ipv6.conf.eth1.disable_ipv6 = 0
net.ipv6.conf.lan.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0

#> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host proto kernel_lo 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether d8:bb:c1:6f:bb:bb brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether d8:bb:c1:6f:bb:ba brd ff:ff:ff:ff:ff:ff
4: lan@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 52:54:00:ac:3b:00 brd ff:ff:ff:ff:ff:ff
    inet 192.168.109.11/24 metric 1024 brd 192.168.109.255 scope global dynamic lan
       valid_lft 575sec preferred_lft 575sec

networkd still ignores sysctl net.ipv6.conf.default.disable_ipv6 and either

is ignoring general system configs really the intended behaviour of networkd?

SunBlade-ger commented 1 month ago

> Note, networkd does not set disable_ipv6 explicitly. But, you set some IPv6 related configs. The kernel may enable IPv6 when they are requested, though I am not sure.

yes you might be right there. every recent linux distro regardless which network manager is used, seems to experience similar problems. i thought disable_ipv6 was a kernel variable explicitly designed for the user to express his intentions. but i guess i am wrong about that.

it seems like i need to frankenstein a workaround to enforce my will. unless networkd adds this "feature". *wink wink*

yuwata commented 1 month ago

> > Note, networkd does not set disable_ipv6 explicitly. But, you set some IPv6 related configs. The kernel may enable IPv6 when they are requested, though I am not sure.
>
> yes you might be right there. every recent linux distro regardless which network manager is used, seems to experience similar problems. i thought disable_ipv6 was a kernel variable explicitly designed for the user to express his intentions. but i guess i am wrong about that.
>
> it seems like i need to frankenstein a workaround to enforce my will. unless networkd adds this "feature". wink wink

Sorry, my quoted comment is wrong (so I removed it). networkd enables IPv6 if .network config requires the IPv6 stack.

SunBlade-ger commented 1 month ago

> networkd enables IPv6 if .network config requires the IPv6 stack.

i can see the reason of enabling/disabling the IPv6 stack based on .network config. so, it is safe to assume that ignoring sysctl net.ipv6.conf.default.disable_ipv6 actually is the intended behaviour? does that also mean networkd does not allow me an "easy" way to disable IPv6 on boot and enable it afterwards?
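
A check for the drift reported in this thread, as an added example that is not part of any comment and not systemd code: it reads `sysctl net.ipv6.conf` output and lists every interface whose `disable_ipv6` is not 1. The function names and the sample input (shaped like the outputs posted above) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread or from systemd.

# ipv6_enabled_ifaces (hypothetical helper): reads `sysctl net.ipv6.conf`
# style lines on stdin and prints each entry whose disable_ipv6 is not 1.
# "all" and "default" are reported too, since a 0 there affects interfaces
# created later. sysctl prints dots inside interface names as "/", so the
# name is always a single dot-free path component.
ipv6_enabled_ifaces() {
    awk -F'[ \t]*=[ \t]*' '
        $1 ~ /^net\.ipv6\.conf\.[^.]+\.disable_ipv6$/ {
            split($1, parts, ".")
            if ($2 + 0 != 1) print parts[4]
        }'
}

# check_ipv6_disabled: exit status 0 when no entry has IPv6 enabled,
# 1 otherwise, so it can gate a boot-time unit, timer or CI job.
check_ipv6_disabled() {
    offenders=$(ipv6_enabled_ifaces)
    [ -z "$offenders" ] && return 0
    printf 'IPv6 still enabled on: %s\n' "$(echo "$offenders" | tr '\n' ' ')"
    return 1
}

# Constructed sample: sysctl.d asks for disable_ipv6=1 everywhere, but one
# interface came up with 0, as in the report above.
sample_sysctl_output() {
    cat <<'EOF'
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1
net.ipv6.conf.eth1.disable_ipv6 = 1
net.ipv6.conf.lan.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.lan.use_tempaddr = 2
EOF
}

# Demo on the sample; on a live host use:
#   sysctl net.ipv6.conf 2>/dev/null | check_ipv6_disabled
sample_sysctl_output | check_ipv6_disabled || true
```

Run after `network-online.target` rather than right after `systemd-sysctl`, since the thread shows the per-interface value changing once networkd configures the link.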