Score:1

Ubuntu

Disable both IPv4 and IPv6 on a specific interface

nstuyvesant

3/6/23, 2:31 PM

Using Ubuntu 21.10, SoftEther docs recommend disabling IPv4 and IPv6 on one of the two Ethernet interfaces used for the local bridge network adapter.

Here's my /etc/netplan/01-network-manager-all.yaml...

network:
  version: 2
  renderer: NetworkManager
  ethernets:
    lan:
      match:
        macaddress: a8:20:XX:XX:9f:da
      dhcp4: false
      dhcp6: true
      addresses:
        - 192.168.1.3/24
      routes:
        - to: default
          via: 192.168.1.1
          metric: 100
      nameservers:
        addresses: [192.168.1.1]
        search: []
      set-name: lan
    softether:
      match:
        macaddress: 40:6c:XX:XX:4a:93
      dhcp4: false
      dhcp6: false
      link-local: []
      optional: true
      set-name: softether

then ran sudo netplan generate then sudo netplan apply. As you can see, I renamed the interface for the local bridge to softether.

Also added this to the end of /etc/sysctl.d/99-sysctl.conf

net.ipv6.conf.softether.disable_ipv6 = 1

then ran sudo sysctl -p.

After rebooting, I am still seeing an IPv4 and IPv6 addresses on softether when running ip a...

2: softether: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 40:6c:XX:XX:4a:93 brd ff:ff:ff:ff:ff:ff
    altname enp9s0
    inet 169.254.65.216/16 brd 169.254.255.255 scope link noprefixroute softether
       valid_lft forever preferred_lft forever
    inet6 fd8b:a698:e8f4:3:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 769sec preferred_lft 0sec
    inet6 fd97:65c2:6883:1:426c:8fff:fe35:4a93/64 scope global dynamic mngtmpaddr 
       valid_lft 1785sec preferred_lft 1785sec
    inet6 fda2:db11:4cad:2:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 769sec preferred_lft 0sec
    inet6 fdaa:ed5f:f69b:4:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 770sec preferred_lft 0sec
    inet6 fe80::426c:8fff:fe35:4a93/64 scope link 
       valid_lft forever preferred_lft forever

The Netplan docs show these examples...

Example to enable only IPv4 link-local: link-local: [ ipv4 ]
Example to enable all link-local addresses: link-local: [ ipv4, ipv6 ]
Example to disable all link-local addresses: link-local: [ ]

So I thought using the last one would give me what I wanted (but it didn't).

Any thoughts about what I'm doing wrong?

144

0 + 0

ipv6

ethernet

ipv4

netplan

21.10

Score:0

Ubuntu

nstuyvesant

3/6/23, 4:44 PM

Looks like the issue was the Netplan renderer of NetworkManager. After switching to networkd, I got the results I was looking for:

2: softether: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 40:6c:XX:XX:4a:93 brd ff:ff:ff:ff:ff:ff
    altname enp9s0

Here's my new /etc/netplan/01-network-manager-all.yaml:

network:
  version: 2
  renderer: networkd
  ethernets:
    lan:
      match:
        macaddress: a8:20:XX:XX:9f:da
      dhcp6: true
      addresses:
        - 192.168.1.3/24
      routes:
        - to: default
          via: 192.168.1.1
          metric: 100
      nameservers:
        addresses: [192.168.1.1]
        search: []
      set-name: lan
    softether:
      match:
        macaddress: 40:6c:XX:XX:4a:93
      optional: true
      # optional-addresses: []
      link-local: []
      set-name: softether
  wifis:
    wlp2s0:
#     match:
#       macaddress: 88:53:XX:XX:f0:75
      dhcp4: yes
      dhcp6: yes
      access-points:
        "Some SSID":
          password: "SOME PASSWORD"
#     set-name: wifi

Unfortunately, I can no longer rename the WiFi interface like I could with NetworkManager as networkd's wifis don't support match.

0 + 0

Thomas Ward

3/6/23, 7:16 PM

Actually, according to the documentation, netplan's `wifs` *does* support match, it's possible you're just not entering them correctly.

slangasek

3/6/23, 7:49 PM

What IPs were you seeing when setting link-local: [] with NetworkManager? This may be a bug in NM or in netplan that we should track and fix.

nstuyvesant

3/8/23, 2:32 AM

The results of my `ip a` for the softether interface are included in my original post - 169.254.65.216/16 plus 5 x ipv6 addresses. I submitted an ubuntu-bug based on the results I saw above.

nstuyvesant

3/8/23, 3:37 AM

Regarding the Netplan wifi's, my renaming of the interface worked with NetworkManager as the renderer (the commented lines were not previously commented). After switching to networkd, I got the error "ERROR: wlp2s0: networkd backend does not support wifi with match:, only by interface name". I'm open to suggestions if you're seeing a mistake in one of the 3 commented lines.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Disable both IPv4 and IPv6 on a specific interface

TH: ปิดการใช้งานทั้ง IPv4 และ IPv6 บนอินเทอร์เฟซเฉพาะ

RO: Dezactivați atât IPv4, cât și IPv6 pe o anumită interfață

RU: Отключить как IPv4, так и IPv6 на определенном интерфейсе

VI: Vô hiệu hóa cả IPv4 và IPv6 trên một giao diện cụ thể

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.