From owner-freebsd-questions@freebsd.org Wed Jun 19 15:35:27 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D127915BC351; Wed, 19 Jun 2019 15:35:26 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (br1.CN84in.dnsmgr.net [69.59.192.140]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 01AE26B3EA; Wed, 19 Jun 2019 15:35:25 +0000 (UTC) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: from gndrsh.dnsmgr.net (localhost [127.0.0.1]) by gndrsh.dnsmgr.net (8.13.3/8.13.3) with ESMTP id x5JFZNPX018746; Wed, 19 Jun 2019 08:35:23 -0700 (PDT) (envelope-from freebsd-rwg@gndrsh.dnsmgr.net) Received: (from freebsd-rwg@localhost) by gndrsh.dnsmgr.net (8.13.3/8.13.3/Submit) id x5JFZNMo018745; Wed, 19 Jun 2019 08:35:23 -0700 (PDT) (envelope-from freebsd-rwg) From: "Rodney W. Grimes" Message-Id: <201906191535.x5JFZNMo018745@gndrsh.dnsmgr.net> Subject: Re: Eliminating IPv6 (?) In-Reply-To: <6975.1560827403@segfault.tristatelogic.com> To: "Ronald F. Guilmette" Date: Wed, 19 Jun 2019 08:35:23 -0700 (PDT) CC: freebsd-questions@freebsd.org, freebsd-net@freebsd.org X-Mailer: ELM [version 2.4ME+ PL121h (25)] MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII X-Rspamd-Queue-Id: 01AE26B3EA X-Spamd-Bar: ++ Authentication-Results: mx1.freebsd.org X-Spamd-Result: default: False [2.63 / 15.00]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; IP_SCORE(0.04)[ip: (0.15), ipnet: 69.59.192.0/19(0.07), asn: 13868(0.05), country: US(-0.06)]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[dnsmgr.net]; AUTH_NA(1.00)[]; NEURAL_SPAM_MEDIUM(0.55)[0.555,0]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_SPAM_SHORT(0.18)[0.179,0]; MX_GOOD(-0.01)[cached: gndrsh.dnsmgr.net]; NEURAL_SPAM_LONG(0.97)[0.965,0]; R_SPF_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:13868, ipnet:69.59.192.0/19, country:US]; MID_RHS_MATCH_FROM(0.00)[]; SUBJECT_HAS_QUESTION(0.00)[] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Jun 2019 15:35:27 -0000 > I do not wish to begin any religious war here. I understand that IPv6 > can be a sensitive and sometimes even emotional issue for many people. > Speaking only for myself, and only for the present moment, I can say > that for me, IPv6 represents only an annoyance and a very sizable > distraction. At present, I don't use it and have absolutely no need > to do so. I would thus like to simplify my life by eliminating it from > my (12.0-RELEASE) system, so that I won't even have to think about it, > or wonder about it, e.g. when I am configuring my firewall, my daemons, > etc. > > I have tried searching for instructions on how to do this online, but > the suggestions and recommendations for how to do this vary widely. > There does not seem to be any "standard" set of recommendations for > how to simply turn off all IPv6 for a given system, short of rebuilding > the kernel, from scratch, with proper options to eliminate IPv6 support > in the kernel entirely. > > I finally settled on trying to add the following options to my /etc/rc.conf > file: > > ipv6_network_interfaces="none" > ip6addrctl_enable="NO" > ip6addrctl_policy="ipv4_prefer" > ipv6_activate_all_interfaces="NO" > > These seem to have worked only marginally. > > After a fresh reboot, my loopback interface (lo0) for example is still > configured to have -both- IPv4 -and- IPv6 addresses... and routes... > associated with it. > > How can I turn off IPv6 entirely without rebuilding the kernel? I too do not need IPv6 in many many many places, and this is the option I choose to disable it, a kernel recompile is the only complete and effective "knob" to get IPV6 out of your system. Once it is gone from the kernel all the other stuff recognises this and just deals with it without any other tweaking. > Regards, > rfg > > > P.S. Please, please, please, refrain from giving me a sermon about how > I am an idiot and/or about how IPv6 is going to save mankind and/or the > galaxy as we know it. I am pro choice, and I don't really wish to have > IPv6 rammed down my throat before I am ready to swallow. I don't need it, > don't use it, and for me, life is much simpler without it for now. No sermon here, I fully support your position, and am very glad to see that bz@ continues to assert that we need to maintain the INET and INET6 compile options (for some day we may be able to remove V4, but it also has the added benifit in that we can build V4 only, v6 only, or (insert your prefered higher power) forbid, no INET at all! -- Rod Grimes rgrimes@freebsd.org