Fully disable IPv6 for rpc on NFS server - Ubuntu 12.04 LTS
For the sake of being complete, I managed to get get a workaround for this specific case going by creating a "netstat" shell script that parses IPv6 out of the existing netstat and feeding the application an alternative PATH including this script.
NOTE - This is obviously not a good idea as a permanent fix, but with no better option open to me it seemed to work.
Related videos on Youtube
serafinius
Updated on September 18, 2022Comments
-
serafinius almost 2 years
I'm trying to disable IPv6 completely on my NFS server (Ubuntu 12.04 LTS precise), but still seem to have some IPv6 ports listening as shown when I run netstat -lp:
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:60377 *:* LISTEN - tcp 0 0 *:49115 *:* LISTEN 1744/rpc.mountd tcp 0 0 *:nfs *:* LISTEN - tcp 0 0 *:54658 *:* LISTEN 1744/rpc.mountd tcp 0 0 *:sunrpc *:* LISTEN 450/rpcbind tcp 0 0 *:55730 *:* LISTEN 709/rpc.statd tcp 0 0 *:48181 *:* LISTEN 1744/rpc.mountd tcp6 0 0 [::]:37004 [::]:* LISTEN - udp 0 0 *:55738 *:* 1744/rpc.mountd udp 0 0 *:43533 *:* - udp 0 0 *:43687 *:* 709/rpc.statd udp 0 0 *:sunrpc *:* 450/rpcbind udp 0 0 *:615 *:* 450/rpcbind udp 0 0 localhost:885 *:* 709/rpc.statd udp 0 0 *:50206 *:* 1744/rpc.mountd udp 0 0 *:54380 *:* 1744/rpc.mountd udp 0 0 *:nfs *:* - udp6 0 0 [::]:46857 [::]:* -
I have disabled IPv6 on a kernel level in /etc/sysctl.d/ipvf-disable.conf:
#disable ipv6 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1
And also in /etc/netconfig:
udp tpi_clts v inet udp - - tcp tpi_cots_ord v inet tcp - - #udp6 tpi_clts v inet6 udp - - #tcp6 tpi_cots_ord v inet6 tcp - - rawip tpi_raw - inet - - - local tpi_cots_ord - loopback - - - unix tpi_cots_ord - loopback - - -
After these changes were made, I rebooted and the above netstat output didn't change. The UDP6 and TCP6 ports that are open seem to be kernel ports (hence the lack of PID), and they disappear when I run /etc/init.d/nfs-kernel-server stop.
I found the following bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648635 that matches my issue, but it doesn't seem to have any replies. Am I missing something here, or is this a bug?
EDIT - To clarify, there is code that does not run well with any IPv6 (yes, it's crappy code and it can't be changed easily) as it reads netstat and breaks. Any ideas on how to remove the IPv6 references from netstat would be appreciated.
-
Sander Steffann over 10 yearsJust wondering: Why do you want to turn off IPv6 so badly? And why is it a problem that the kernel NFS server is bound to an IPv6-capable socket when you don't have any IPv6 addresses on your host? You won't get any incoming IPv6 traffic without having IPv6 addresses anyway.
-
serafinius over 10 yearsI'm disabling IPv6 because the code running on the server cannot run with it. It reads the netstat output and fails when it encounters ipv6. The developers who wrote the code are no longer available to update it, so i'm hoping to resolve it from an OS point of view. It was working before because it was running on an old OS. It needs to be moved.
-
Michael Hampton over 10 yearsWhy don't you just add a
-4
to thenetstat
command that the program calls? It will then only show IPv4 information. -
serafinius over 10 years@MichaelHampton thanks for your replies. I would change the code if I could, but I didn't write the app and don't have the skills to reverse engineer the code.
-