I need to disable IPv6 because when using Wireguard (wireguard-tools), I have ip leakage.
Disabling at kernel is ok (ipv6.disable=1), but this solution is not convenient, because I need the IPv6 stack to be enable.
Setting ipv6.disable_ipv6=1 at Grub level does not work, i cant still see a IPv6 address assigned
I tried to set and edit /etc/sysctl.d/40-ipv6.conf, it does not work neither
Note that I managed to set the privacy settings, adding and editing
/etc/sysctl.d/40-ipv6.conf
/etc/NetworkManager/conf.d/ip6-privacy.conf
I am testing all this config using internet cable direct from router, no VPN
So I think I am doing something wrong or forgetting something.
Could you please let me know why ipv6 cant be disabled ?
using Linux 6.9.3-3-MANJARO KDE
Thanks
When posting terminal output, copy the output and paste it here, wrapped in three (3) backticks, beforeANDafter the pasted text. Like this:
```
pasted text
```
Or three (3) tilde signs, like this:
~~~
pasted text
~~~
This will just cause it to be rendered like this:
Sed
sollicitudin dolor
eget nisl elit id
condimentum
arcu erat varius
cursus sem quis eros.
Instead of like this:
Sed sollicitudin dolor eget nisl elit id condimentum arcu erat varius cursus sem quis eros.
Alternatively, paste the text you wish to format as terminal output, select all pasted text, and click the </> button on the taskbar. This will indent the whole pasted section with one TAB, causing it to render the same way as described above.
Thereby increasing legibility thus making it easier for those trying to provide assistance.
For more information, please see:
Additionally
If your language isn’t English, please prepend any and all terminal commands with LC_ALL=C. For example:
LC_ALL=C bluetoothctl
This will just cause the terminal output to be in English, making it easier to understand and debug.
for example:
right click the NetworkManager applet → choose Connection Settings from the menu that comes up → choose your connection → go to IPv6 settings tab → set the Method to disabled
→ no IPv6 addresses will be assigned or requested from the router anymore
Alternatively, adding ipv6.disable_ipv6=1 instead will keep the IPv6 stack functional but will not assign IPv6 addresses to any of your network devices.
Yes, it was stated.
Without further evidence I’m inclined to trust the wiki more
and: he said he needs the IPv6 stack to stay (enabled).
What I described is exactly what I did myself on my own system - the result is as described:
no IPv6 addresses present or assigned
without disabling the stack at boot time
$ ip a
[...]
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether e0:d5:5e:6a:9b:65 brd ff:ff:ff:ff:ff:ff
altname enp0s31f6
inet 10.0.0.20/24 brd 10.0.0.255 scope global dynamic noprefixroute eno1
valid_lft 597384sec preferred_lft 597384sec
And I use the ipv6.disable_ipv6=1 kernel parameter method. So, you can try that. As a prerequisite, ensure you have the install-grub package installed:
pamac install install-grub
To do so, open /etc/default/grub for editing.
sudo nano /etc/default/grub
And in the line starting with GRUB_CMDLINE_LINUX_DEFAULT insert ipv6.disable_ipv6=1 before the closing quotation mark. So that the line is somewhat similar to:
I’m not sure whether it is or not. I’d rather play it safe.
Because this:
Is much easier than:
Not according to how I understand it:
Alternatively, adding ipv6.disable_ipv6=1 instead will keep the IPv6 stack functional but will not assign IPv6 addresses to any of your network devices.
I will not argue this.
The difference is (supposed to be):
Options in GRUB_CMDLINE_LINUX are always effective.
Options in GRUB_CMDLINE_LINUX_DEFAULT are effective ONLY during normal boot (NOT during recovery mode).
Any time you change anything, you need to update-grub and then reboot to become effective.
Just changing it without updating the grub config won’t have any effect.
But it is solved without any of this - that is what I understood.