1

I'm trying to disable IPv6 completely on my NFS server (Ubuntu 12.04 LTS precise), but still seem to have some IPv6 ports listening as shown when I run netstat -lp:

Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 *:60377 *:* LISTEN - tcp 0 0 *:49115 *:* LISTEN 1744/rpc.mountd tcp 0 0 *:nfs *:* LISTEN - tcp 0 0 *:54658 *:* LISTEN 1744/rpc.mountd tcp 0 0 *:sunrpc *:* LISTEN 450/rpcbind tcp 0 0 *:55730 *:* LISTEN 709/rpc.statd tcp 0 0 *:48181 *:* LISTEN 1744/rpc.mountd tcp6 0 0 [::]:37004 [::]:* LISTEN - udp 0 0 *:55738 *:* 1744/rpc.mountd udp 0 0 *:43533 *:* - udp 0 0 *:43687 *:* 709/rpc.statd udp 0 0 *:sunrpc *:* 450/rpcbind udp 0 0 *:615 *:* 450/rpcbind udp 0 0 localhost:885 *:* 709/rpc.statd udp 0 0 *:50206 *:* 1744/rpc.mountd udp 0 0 *:54380 *:* 1744/rpc.mountd udp 0 0 *:nfs *:* - udp6 0 0 [::]:46857 [::]:* -

I have disabled IPv6 on a kernel level in /etc/sysctl.d/ipvf-disable.conf:

#disable ipv6 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1

And also in /etc/netconfig:

udp tpi_clts v inet udp - - tcp tpi_cots_ord v inet tcp - - #udp6 tpi_clts v inet6 udp - - #tcp6 tpi_cots_ord v inet6 tcp - - rawip tpi_raw - inet - - - local tpi_cots_ord - loopback - - - unix tpi_cots_ord - loopback - - -

After these changes were made, I rebooted and the above netstat output didn't change. The UDP6 and TCP6 ports that are open seem to be kernel ports (hence the lack of PID), and they disappear when I run /etc/init.d/nfs-kernel-server stop.

I found the following bug report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=648635 that matches my issue, but it doesn't seem to have any replies. Am I missing something here, or is this a bug?

EDIT - To clarify, there is code that does not run well with any IPv6 (yes, it's crappy code and it can't be changed easily) as it reads netstat and breaks. Any ideas on how to remove the IPv6 references from netstat would be appreciated.

Improve this question
5
  • 2
    Disabling IPv6 is a very bad idea. Whatever the real problem is that you're trying to solve, this is just going to cause you more problems in the future. Commented Mar 9, 2014 at 23:40
  • Just wondering: Why do you want to turn off IPv6 so badly? And why is it a problem that the kernel NFS server is bound to an IPv6-capable socket when you don't have any IPv6 addresses on your host? You won't get any incoming IPv6 traffic without having IPv6 addresses anyway. Commented Mar 9, 2014 at 23:40
  • I'm disabling IPv6 because the code running on the server cannot run with it. It reads the netstat output and fails when it encounters ipv6. The developers who wrote the code are no longer available to update it, so i'm hoping to resolve it from an OS point of view. It was working before because it was running on an old OS. It needs to be moved. Commented Mar 10, 2014 at 0:20
  • 1
    Why don't you just add a -4 to the netstat command that the program calls? It will then only show IPv4 information. Commented Mar 10, 2014 at 3:38
  • @MichaelHampton thanks for your replies. I would change the code if I could, but I didn't write the app and don't have the skills to reverse engineer the code. Commented Mar 10, 2014 at 3:54

2 Answers 2

Reset to default
2

For the sake of being complete, I managed to get get a workaround for this specific case going by creating a "netstat" shell script that parses IPv6 out of the existing netstat and feeding the application an alternative PATH including this script.

NOTE - This is obviously not a good idea as a permanent fix, but with no better option open to me it seemed to work.

Improve this answer
0

In your boot config set ipv6.disable=1

In general edit /etc/default/grub and add this to the list of options in GRUB_CMDLINE_LINUX Then run grub_mkconfig -o /boot/grub2/grub.cfg

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.