[CentOS] Disabling IPv6 in Centos 4.x Experiences

Aleksandar Milivojevic alex at milivojevic.org
Mon Sep 11 15:47:00 UTC 2006

Quoting Erick Perez <eaperezh at gmail.com>:

> Aleksandar, can you please explain for me what does a criptic line
> like "alias net-pf-10 off
> "  means "to disable ipv6" ?

It disables automatic loading of ipv6 module.  You can still manually  
load it by doint "modprobe ipv6" from command line.  This was default  
setting up until 2.4 kernel.  In 2.6 kernel default was changed to  
automatically load ipv6 module as needed.

If you don'thave the above line in /etc/modprobe.conf, each time an  
application simply attempts to perform IPv6 bind, the kernel would  
automatically load ipv6 kernel module.  The ipv6 module will assigne  
link local addresses to all interfaces on the system, and it is  
practically impossible to get rid of the module from that point on  
(until you reboot machine).

While link local addresses on the interfaces are not really usable to  
establish communication on the network, many people prefer not to have  
them assigned.  Especially considering the sorry state of IPv6 version  
of Netfilter.  Not only that IPv6 Netfilter lacks many many features  
of its IPv4 counterpart, the userspace (iptables-ipv6) is not  
installed by default on CentOS4, redhat-config-security-level will not  
configure it, and many people run firewalls that are completely open  
for IPv6 traffic without even realizing it.

NOTICE: If you are not intended recipient, you are hereby notified
that by reading this message you agreed not to disturb frogs during
mating season.  For more info, visit http://www.8-P.ca/

More information about the CentOS mailing list