Sometimes you may need to disable IPv6 to avoid unnecessary network complication. Disabling it also improves the security, as it's possible to avoid IPv6 leak or WebRTC leak, hence detection while using a VPN.
There's no doubt that IPv6 is going to be very important in near future with ever increasing number of mobile devices and smart connected devices, i.e. IoT.
While IPv6 solves many drawbacks of IPv4, such as shortage of unique IP addresses or complex NAT setup, certainly it's not implemented properly everywhere.
So, here in this tutorial we'll discus about 4 ways to disable IPv6 on Ubuntu and other Linux systems.
Contents
Temporarily disable IPv6 with sysctl command
Use the sysctl command to disable ipv6 on Linux easily. Just type the two commands listed below, both of them requires super user privilege.
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1 sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1
On successful execution, the command should return a results like below.
net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1
To verify, simply use the ping6 localhost command, which should return connect: Cannot assign requested address, or may e different depending on your system.
As this change is temporary, IPv6 will be enabled by default on next system reboot. However in case you need to enable ipv6 again without rebooting, use the sysctl commands listed below.
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=0 sudo sysctl -w net.ipv6.conf.default.disable_ipv6=0
Permanently disable ipv6 through sysctl.conf file
If you want to permanently disable ipv6 on Linux, just add two lines to the end of /etc/sysctl.conf file.
Open up the file with the text editor of your choice as super user, then go to the end and add the two extra lines listed below, that's all.
net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1
You need to run the command sudo sysctl -p to make the change take effect immediately.
IPv6 will be disabled every time automatically after next system reboot. Disabling IPv6 on particular network interface is also possible with this method, you just need to add the proper network interface name instead of all.
As example, to disable IPv6 only for the Ethernet port, which is enp2s0 in my case, I've to use this sysctl configuration file bellow.
net.ipv6.conf.enp2s0.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1
To re-enable IPv6 when needed, you need to just revert the changes. To be specific, edit the /etc/sysctl.conf file again and remove the two net.ipv6.conf......... line. After that run the sudo sysctl -p command or simply reboot.
Disable with kernel parameter
Passing the ipv6.disable=1 boot time kernel parameter while booting will disable ipv6 on Linux.
You've to edit the bootloader configuration file to do that. As most Linux systems use the GRUB bootloader, we will use GRUB for demonstration.
First you need to edit the /etc/default/grub file with any text editor as root, i.e. as super user.
sudo nano /etc/default/grub
Find the line starting with GRUB_CMDLINE_LINUX_DEFAULT , add the parameter along side others inside the double quotes.
After adding the parameter, save the file and exit the text editor. Then update the GRUB configuration.
sudo update-grub
A system reboot is is required to take the changes effect, after rebooting the Linux system, ipv6 will be disabled by default every time.
To re-enable ipv6, you need to remove the ipv6.disable=1 parameter from /etc/default/grub file and update the grub again with sudo update-grub .
Disable IPv6 through network manager
If Linux command line is not your thing, then simply use the GUI network manager application. Either use the Gnome network manager, or KDE Plasma network manager front end application. Both of them relies on same back-end, but with a different GUI toolkit.
So, first open up the network manager connection editor, I prefer to right click on the network icon on top bar then click on Edit connections section.
Depending on which desktop environment you're using, Either Gnome network manager or KDE system setting will open up. Here I'm using Gnome network manager for demonstration.
Then click on the setting icon, i.e. the gear and start editing the specific network connection of your choice.
On the IPv6 Settings tab, select Ignore, this will prevent the network connection obtaining a IPv6 address if available.
Then save the connection end restart network manager from the NM applet icon. To restart without using command line, first de-select Enable Networking check box by right clicking on the nm-applet icon. After that, again check the box to re-enable networking, which is effectively a restart.
Or even better, just use the sudo systemctl restart network-manager.service command.
This method offers easy and granular control over IPv6 on different networking interfaces, like on which interface you want to disable IPv6. However this network-manager method doesn't seem to work flawlessly always. Sometimes IPv6 is enabled automatically, specially with DHCP networking. So be sure to double check if you really want to use this trick.
Re-enabling IPv6 through this method is also pretty easy, revert the changes made on the IPv6 Settings tab and restart network manager.
Conclusion
Surely IPv6 has advantages, but the it also exposes your all devices directly to the internet. So, be sure to implement proper access control and security measurements.
As example, if you're running a local web server and it's binded to both IPv4 and IPv6 addresses, then probably it's also exposed to the internet via IPv6. There's a good chance someone already attempting to break in. In such scenario, it's wiser not to enable IPv6.
So, that's all about how you can disable ipv6 on ubuntu or any other Linux distros using command line tools or the graphical Network Manager.
Leave a Reply