enable or disable IPv6 - Alibaba Cloud Linux - Alibaba Cloud Documentation Center

This topic describes how to enable or disable IPv6 on an Elastic Compute Service (ECS) instance that runs Alibaba Cloud Linux 2.

Prerequisites

An instance of an instance type that supports IPv6 is created. For information about instance types that support IPv6, see Overview of instance families.
The instance resides in a region where IPv6 CIDR blocks are supported and IPv6 virtual private clouds (VPCs) are created. For more information, see Create a VPC with an IPv6 CIDR block.

Background information

IPv6 is disabled in Alibaba Cloud Linux 2 images of the aliyun-2.1903-x64-20G-alibase-20190829.vhd version and earlier. By default, IPv6 is enabled in Alibaba Cloud Linux 2 images of the aliyun_2_1903_x64_20G_alibase_20200221.vhd version and later.

Enable IPv6

Temporarily enable IPv6

Important

If IPv6 is temporarily enabled for an instance, the setting for enabling IPv6 becomes invalid after the instance is stopped or restarted. Proceed with caution.

In Alibaba Cloud Linux 2 images of the aliyun_2_1903_64_20G_alibase_20190619.vhd version and earlier, the DHCP parameter in the .network file in the /etc/systemd/network/ directory is set to ipv4. To modify the file and temporarily enable IPv6, perform the following operations:

Connect to the instance for which you want to temporarily enable IPv6.
For more information, see Connect to a Linux instance by using a password or key.
Run the following command to go to the /etc/systemd/network/ directory:
```
cd /etc/systemd/network/
```
Run the ls command to check the .network file in the preceding directory.
In this example, the 50-dhcp.network file is used.
Modify the content of the 50-dhcp.network file.
```
vi /etc/systemd/network/50-dhcp.network
```
Press the I key to enter Insert mode.
Modify the information below [Network] to set DHCP to yes.
Note
If the Name parameter is set to eth*, IP addresses and routes on all network interfaces are configured through DHCP. If you want to configure only a specific network interface through DHCP, set the Name parameter to the name of the network interface. For example, set the Name parameter to eth0 to ensure that only the eth0 network interface is configured through DHCP. For more information about the .network file, see systemd.network.
```
[Match]
Name=eth*

[Network]
DHCP=yes
```
After you make the modification, press the Esc key, enter :wq, and then press the Enter key to save the modification and exit.
Run the following commands to enable IPv6.
- Enable IPv6 for all network interfaces.
```
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=0
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=0
```
- Enable IPv6 for a specific network interface. In this example, the eth0 network interface is used.
```
sudo sysctl -w net.ipv6.conf.eth0.disable_ipv6=0
```

Permanently enable IPv6

Perform the following operations to permanently enable IPv6. The configurations remain valid after you restart the instance.

Connect to the instance for which you want to persistently enable IPv6.
For more information, see Connect to a Linux instance by using a password or key.
Run the following command to modify the /etc/sysctl.conf file:
```
vi /etc/sysctl.conf
```
Press the I key to enter Insert mode. Use one of the following methods to modify the file content:
- Delete the following configurations:
```
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
```
- To enable IPv6 for all network interfaces, make the following modification:
```
net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0
```
  To enable IPv6 for a specific network interface, set the disable_ipv6 parameter that corresponds to the network interface to 0. In this example, the eth0 network interface is used.
```
net.ipv6.conf.eth0.disable_ipv6 = 0
```
After you make the modification, press the Esc key, enter :wq, and then press the Enter key to save the modification and exit.
Run the following command to check whether the configurations in the /etc/sysctl.conf file are consistent with those in the /etc/sysctl.conf file in the initram file system (initramfs):
```
diff -u /etc/sysctl.conf <(lsinitrd -f /etc/sysctl.conf)
```
Note
Alibaba Cloud Linux 2 uses an initramfs (initial RAM file system) during boot. If the /etc/sysctl.conf file within the initramfs is inconsistent with the main /etc/sysctl.conf file, the settings in the initramfs may take precedence, causing your changes to be ignored.
If the two configuration files are inconsistent, run the following command to generate a new initramfs:
```
sudo dracut -v -f
```
Restart the instance.
```
sudo reboot
```
Run the ifconfig command to check whether IPv6 is enabled.
If IPv6 is enabled, the following network configurations are displayed:
```
inet6 <Unicast address that starts with fe80::>
inet6 <IPv6 address of the instance>
```

Disable IPv6

Temporarily disable IPv6

Run the following commands to temporarily disable IPv6.

Important

If IPv6 is temporarily disabled for an instance, the setting for disabling IPv6 becomes invalid after the instance is stopped or restarted. Proceed with caution.

Disable IPv6 on all network interfaces.

sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sudo sysctl -w net.ipv6.conf.default.disable_ipv6=1

Disable IPv6 on a specific network interface.

sudo sysctl -w net.ipv6.conf.eth0.disable_ipv6=1

Permanently disable IPv6

Perform the following operations to permanently disable IPv6. The configurations remain valid after you restart the instance. Use one of the following methods to disable IPv6:

Use one of the following command line parameter settings to permanently disable IPv6:
- ```
sudo grubby --args="ipv6.disable_ipv6=1" --update-kernel=/boot/vmlinuz-$(uname -r)
```
- ```
sudo grubby --args="ipv6.disable=1" --update-kernel=/boot/vmlinuz-$(uname -r)
```
Note
The --args="ipv6.disable_ipv6=1" setting disables IPv6 for all network interfaces but keeps the IPv6 kernel module loaded. The --args="ipv6.disable=1" setting completely prevents the IPv6 kernel module from being loaded. For more information, visit Linux kernel IPv6.
Modify the /etc/sysctl.conf file to permanently disable IPv6.
1. Modify the /etc/sysctl.conf file.
```
vi /etc/sysctl.conf
```
2. Press the I key to enter Insert mode. Modify the configurations as shown below:
```
net.ipv6.conf.all.disable_ipv6=1
net.ipv6.conf.default.disable_ipv6=1
```
  Disable IPv6 on a specific network interface. Example:
```
net.ipv6.conf.eth0.disable_ipv6=1
```
3. Restart the instance.
```
sudo reboot
```
4. Run the ifconfig command to check whether IPv6 is disabled.
  If IPv6 is enabled, the following network configurations are not displayed:
```
inet6 <Unicast address that starts with fe80::>
inet6 <IPv6 address of the instance>
```

Configure multiple IPv6 addresses

To configure multiple IPv6 addresses, perform the following operations:

Connect to the instance for which you want to configure multiple IPv6 addresses.
For more information, see Connect to a Linux instance by using a password or key.
Run the following command to go to the /etc/systemd/network/ directory:
```
cd /etc/systemd/network/
```
Run the ls command to check the .network file in the preceding directory.
In this example, the 10-eth0.network file is used.
Run the cp command to copy a configuration file.
In this example, the 20-dhcp.network configuration file is created by copying the 10-eth0.network configuration file.
```
cp 10-eth0.network 20-dhcp.network
```
Run the following command to modify the 20-dhcp.network configuration file:
```
sed -i 's/^Name.*$/Name=*/g' /etc/systemd/network/20-dhcp.network
```
Restart the systemd-networkd service to allow the configurations to take effect.
```
sudo systemctl restart systemd-networkd
```