Ubuntu
linux package

Using sysctl to permanently disable IPv6 doesn't have any effect

Bug #1771222 reported by Serapheim Dimitropoulos
This bug report is a duplicate of:  Bug #50093: Some sysctls are ignored on boot. Edit Remove
40
This bug affects 8 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
Medium
Unassigned

Bug Description

Shows up in version 18.04 of Ubuntu.

I added the following 2 lines in /etc/sysctl.d/99-sysctl.conf and /etc/sysctl.d/01-disable-ipv6.conf:
```
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
```

Rebooting my machine sets those parameters for "all" and "default" but not for
the sysctl options of my network interface:
```
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.ens160.disable_ipv6 = 0
```

I use disable_ipv6 above as an example.
I've also verified this with the promote_secondaries option of ipv4.

I can always restart systemd-sysctl.service at every boot and this will
set net.ipv6.conf.ens160.disable_ipv6 to 1. Unfortunately though this won't
work for devices that are hot-plugged.

Other info:

- version signature: Ubuntu 4.15.0-20.21-generic 4.15.17
- lspci is attached

Revision history for this message
Serapheim Dimitropoulos (serapheim) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Joseph Salisbury (jsalisbury) wrote :

Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v4.17 kernel[0].

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".

Thanks in advance.

[0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.17-rc5

Changed in linux (Ubuntu):
importance: Undecided → Medium
status: Confirmed → Incomplete
Revision history for this message
Serapheim Dimitropoulos (serapheim) wrote :

Hi Joseph,

Thank you for the quick reply.

I did as instructed and got the specified upstream kernel installed.
```
~$ uname -a
Linux ubuntu 4.17.0-041700rc5-generic #201805132030 SMP Mon May 14 00:32:50 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
```

Problem persists after reboot:
```
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.ens33.disable_ipv6 = 0
```

Changing to Confired, and adding tag.

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
tags: added: kernel-bug-exists-upstream
Revision history for this message
Joseph Salisbury (jsalisbury) wrote :

This issue appears to be an upstream bug, since you tested the latest upstream kernel. Would it be possible for you to open an upstream bug report[0]? That will allow the upstream Developers to examine the issue, and may provide a quicker resolution to the bug.

Please follow the instructions on the wiki page[0]. The first step is to email the appropriate mailing list. If no response is received, then a bug may be opened on bugzilla.kernel.org.

Once this bug is reported upstream, please add the tag: 'kernel-bug-reported-upstream'.

[0] https://wiki.ubuntu.com/Bugs/Upstream/kernel

Revision history for this message
Dave Bevan (dave-bevan) wrote :

Shows up in 16.04.5 (4.15.0-43-generic) too.

In the end, despite all the above ipv6.disable = 1 additions to sysctl.conf and reboots, the only sure-fire way I found to reliably disable ipv6 was to add ipv6.disable=1 to grub:

$ grep ip /etc/default/grub
GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash"
$ sudo update-grub
$ sudo reboot

Revision history for this message
Emmanuel Fusté (emmanuel-fuste-thalesgroup) wrote :

No,
$ apt-get install ifupdown
redo your network config with /etc/network/interfaces
and
$ apt-get autoremove --purge netplan.io

Does not work if you not purge netplan.
If installed, netplan insist to generate volatile config for networkd (/run/systemd/network/10-netplan-your_interface.network) with ipv6 options applied by networkd.

It is not a kernel or systemd bug, but another netplan bug.
If you do not want to go back to ifupdown, it's time to learn networkd. For server use, netplan is totally useless and only add a layer of potential new problems.

Revision history for this message
Gionn (giovanni.toraldo) wrote :

Workaround is to add:

    /etc/init.d/procps restart

in /etc/rc.local

Brad Figg (brad-figg)
tags: added: cscc
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.