[CentOS] Disabling IPv6 in Centos 4.x Experiences
alex at milivojevic.org
Mon Sep 11 15:47:00 UTC 2006
Quoting Erick Perez <eaperezh at gmail.com>:
> Aleksandar, can you please explain for me what does a criptic line
> like "alias net-pf-10 off
> " means "to disable ipv6" ?
It disables automatic loading of ipv6 module. You can still manually
load it by doint "modprobe ipv6" from command line. This was default
setting up until 2.4 kernel. In 2.6 kernel default was changed to
automatically load ipv6 module as needed.
If you don'thave the above line in /etc/modprobe.conf, each time an
application simply attempts to perform IPv6 bind, the kernel would
automatically load ipv6 kernel module. The ipv6 module will assigne
link local addresses to all interfaces on the system, and it is
practically impossible to get rid of the module from that point on
(until you reboot machine).
While link local addresses on the interfaces are not really usable to
establish communication on the network, many people prefer not to have
them assigned. Especially considering the sorry state of IPv6 version
of Netfilter. Not only that IPv6 Netfilter lacks many many features
of its IPv4 counterpart, the userspace (iptables-ipv6) is not
installed by default on CentOS4, redhat-config-security-level will not
configure it, and many people run firewalls that are completely open
for IPv6 traffic without even realizing it.
NOTICE: If you are not intended recipient, you are hereby notified
that by reading this message you agreed not to disturb frogs during
mating season. For more info, visit http://www.8-P.ca/
More information about the CentOS