Eliminating IPv6 (?)
Rodney W. Grimes
freebsd-rwg at gndrsh.dnsmgr.net
Wed Jun 19 23:23:05 UTC 2019
> Rodney W. Grimes writes:
>
> > > And god only knows how much will break once I've done that. How many other
> > > people have tested -all- of the resulting binaries, seriously, on actual
> > > production systems? (I may be the first one ever, at least for 12.0.)
> >
> > I also agree here, running a WITHOUT_IPV6 userland is both very
> > painful to get built AND has issues that one does not need to face,
> > like I showed in another thread about netstat -6.
>
> Wider question:
> Say I'm running a system with both IPv4 and IPv6 enabled.
> Stuff Happens(tm) and I want to completely disable IPv6 for some
> indefinite but temporary period - not chamge any configuration
> settings or firewall rules, but just have the code finish processing
> current packets (or not) and then ignore further traffic. There will
> be consequences; I'm prepared to accept them.
> Is there a single master switch - a sysctl, perhaps, or something
> in /etc/rc.d - that lets me do that?
You do raise a very valid point.
ipfw add 1 deny ipv6 from any to any
That is about the only "master" switch I can think of that would
be very effective.
> Robert Huff
--
Rod Grimes rgrimes at freebsd.org
More information about the freebsd-net
mailing list