How to completely, dynamically disable IPv4 stack from Linux?

linux networking ipv6 linux-networking ipv4
7,425

Solution 1

Well after a little chat on the IRC the general opinion is that the linux kernel shares some code between ipv4 and ipv6, and that may make completely disabling ipv4 entirely impossible. You can try to compile the kernel without the ipv4 parts but ipv6 may not compile in this case (but nothing keeps you from trying!).

You can remove the ipv4 addresses from interfaces, AFAIK, but I don't think it's possible at this time to completely disable ipv4.

EDIT: After a quick check on make menuconfig on kernel 2.6.36 I could not find a way of disabling ipv4 without disabling the entire TCP/IP stack (and so, ipv6).

Solution 2

If this is for developers, then "library interposition" could be used, with LD_PRELOAD some doctored library with stub functions that simply return errors (or that call the real ones depending on the day of the week or some other external criterion).

Solution 3

I don't think it is possible to disable IPv4 completely, but depending on your goal, dropping all IPv4 traffic using iptables might be enough, no?

Something like this should work. I haven't tested it on any machine, as I am accessing them through IPv4.

sudo iptables -I INPUT -j DROP
sudo iptables -O OUTPUT -j DROP

Solution 4

Mostly you should recompile yours kernel without ipv4 modules. fedora

You can’t disable it completely because the system uses 127.0.0.1 loopback interface.
But you can disable some ipv4 functions with if-cfg command.

Share:
7,425

Related videos on Youtube

Aldebaran
Author by

Aldebaran

Updated on September 18, 2022

Comments

  • Aldebaran
    Aldebaran over 1 year

    How can I disable IPv4 stack from Linux ? I want to do that dynamically, i.e. sometimes I want it enabled and sometimes I want only IPv6 stack. Is there any portable way to do that ? If you know how to do that in any distribution, it will also help me a lot.

    • Michael Hampton
      Michael Hampton over 5 years
      @kasperd Nothing has changed since 2011.
  • Michael Hampton
    Michael Hampton over 5 years
    This will block traffic, which may sometimes be useful. but it will not stop programs from binding an IPv4 socket. This is necessary to completely disable IPv4.
  • kasperd
    kasperd over 5 years
    What I did on a machine where I needed to run IPv6-only was to disable the DHCP client in /etc/network/interfaces.d. It's not quite the same as disabling IPv4 since systemd-resolved is still listening on 127.0.0.53:53. But it was sufficient to address my immediate needs and much preferred to messing with iptables.
  • TJJ
    TJJ over 3 years
    You can even remove 127.0.0.1 from the loopback interface and only live with ::1. But you have to do that manually after every reboot.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Docker will only bind forwarded ports to IPv6 interfaces
IPv6 only works after pinging the default gateway.
How to disable IPv6 on Windows Subsystem for Linux?
Static IPv4 & IPv6 configuration on CentOS 6.2
IPv6 is working, but IPv4 isn't
Why is my IPv6 Address showing instead of my IPv4?
long delay during ssh login
Is net.ipv6.conf.all.forwarding=1 equivalent to enabling forwarding for all individual interfaces?
How can I disable IPv6 in custom built embedded setup
How to deal with Dual-Stack Lite and incoming connections