OESF Portal | OESF Forum | OESF Wiki | LinuxPDA | #planetgemini chat on matrix.org | #gemini-pda chat on Freenode | #zaurus and #alarmz chat on Freenode | ELSI (coming soon) | Ibiblio

IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Disabling IPv6 in Sailfish OS?
depscribe
post Aug 18 2018, 01:15 PM
Post #1





Group: Members
Posts: 255
Joined: 3-January 18
Member No.: 815,753



More fun: Thought I'd at least get ProtonVPN working on the gadget and found a very nice little set of scripts on OpenRepos to do it. All went well right until the end when during connect the connection failed because IPv6 is available. I need to make it unavailable. Is there a quick and easy way to force IPv4 and nuke IPv6?

UPDATE: I found the answer, and in case it's of use to anyone else, here it is:

Disable IPv6 using the following commands:

CODE
devel-su sysctl -w
net.ipv6.conf.default.disable_ipv6=1
devel-su sysctl -w
net.ipv6.conf.default.disable_ipv6=1


Add following lines:

CODE
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1

to the IPv6 settings file: devel-su vim /etc/sysctl.d/ipv6-settings.conf

(This from: https://together.jolla.com/question/163103/...on-sailfish-os/ )
Go to the top of the page
 
+Quote Post
speculatrix
post Aug 19 2018, 07:41 AM
Post #2





Group: Admin
Posts: 3,690
Joined: 29-July 04
From: Cambridge, England
Member No.: 4,149



I'm surprised you needed to disable IPv6, in general, things should work just fine with it on.
Do you know what the problem was?
Go to the top of the page
 
+Quote Post
depscribe
post Aug 19 2018, 01:33 PM
Post #3





Group: Members
Posts: 255
Joined: 3-January 18
Member No.: 815,753



QUOTE(speculatrix @ Aug 19 2018, 07:41 AM) *
I'm surprised you needed to disable IPv6, in general, things should work just fine with it on.
Do you know what the problem was?

Proton people believe that there is an address leak in IPv6 and won't allow installation if IPv6 is functioning.

https://protonvpn.com/support/prevent-ipv6-vpn-leaks/

https://together.jolla.com/question/163103/...on-sailfish-os/
Go to the top of the page
 
+Quote Post
vader
post Aug 19 2018, 05:17 PM
Post #4





Group: Members
Posts: 253
Joined: 21-January 18
Member No.: 816,775



Another thing to try (google first) is to blacklist the ipv6 module. This is what I normally do for my other linux systems. Before somebody says "you shouldn't disable IPV6", there are definitely some network setups in which IPV6 doesn't play nicely. Some legacy servers/devices won't play well, and if IPV6 gets the first byte (couldn't resist) of the cherry, it will fail, and timeout eventually. To save this delay, you could fix the legacy device, or just disable IPV6. Time is money, so everyone here disabled IPV6 smile.gif

Going through the sys system is another way - and works just as well. The only difference is that blacklisting stops IPV6 from even starting. You can check which interfaces IPV6 is running on with:

cat /proc/net/if_inet6

Sorry, didn't see this thread on the weekend, I was away.
Go to the top of the page
 
+Quote Post
speculatrix
post Aug 19 2018, 06:51 PM
Post #5





Group: Admin
Posts: 3,690
Joined: 29-July 04
From: Cambridge, England
Member No.: 4,149



QUOTE(depscribe @ Aug 19 2018, 10:33 PM) *
Proton people believe that there is an address leak in IPv6 and won't allow installation if IPv6 is functioning.


Ah, thanks for the clarification.

As a network administrator who's deployed ipv6, in the workplace and at home, I think it's an important skill and worth learning to use and troubleshoot.. good on the CV.
Go to the top of the page
 
+Quote Post
depscribe
post Aug 20 2018, 08:16 AM
Post #6





Group: Members
Posts: 255
Joined: 3-January 18
Member No.: 815,753



QUOTE(vader @ Aug 19 2018, 05:17 PM) *
Another thing to try (google first) is to blacklist the ipv6 module. This is what I normally do for my other linux systems. Before somebody says "you shouldn't disable IPV6", there are definitely some network setups in which IPV6 doesn't play nicely. Some legacy servers/devices won't play well, and if IPV6 gets the first byte (couldn't resist) of the cherry, it will fail, and timeout eventually. To save this delay, you could fix the legacy device, or just disable IPV6. Time is money, so everyone here disabled IPV6 smile.gif

I'm probably missing something obvious, but the structure of Sailfish is such that I can't find where to blacklist it. If there's an /etc/modprobe.d directory, I can't find it.

Blacklisting does seem the most elegant way of doing it, because it can be readily undone. But damned if I can figure out how. Though I just realized that I haven't blacklisted anything since systemd.

Recipe?
Go to the top of the page
 
+Quote Post
vader
post Aug 20 2018, 03:23 PM
Post #7





Group: Members
Posts: 253
Joined: 21-January 18
Member No.: 816,775



QUOTE(depscribe @ Aug 21 2018, 02:16 AM) *
I'm probably missing something obvious, but the structure of Sailfish is such that I can't find where to blacklist it. If there's an /etc/modprobe.d directory, I can't find it.

Blacklisting does seem the most elegant way of doing it, because it can be readily undone. But damned if I can figure out how. Though I just realized that I haven't blacklisted anything since systemd.

Recipe?


I checked on mine and I have /etc/modprobe.d with a few files in it. There is even a blacklist. It seems as though all drivers are compiled into the kernel, but you could still try to create something like:

/etc/modprobe.d/blacklist.local

with contents:

blacklist ipv6
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 15th October 2019 - 09:22 PM