There are many facets and disciplines to I.T. related knowledge, but unless you have some knowledge of networks (as every aspiring white hat hacker should), you may not know about IPv6. After all, IPv4 is still the dominant Internet protocol to date. However, we are crawling closer and closer to the point of no return when IPv4 will become deprecated. Until then, hackers, administrators, and network engineers need to be comfortable working with both protocols. At the very least, you should be able to disable IPv6 on a Linux system. But before we learn how to disable IPv6 on Linux, let’s examine the history and necessity of each Internet protocol.
History of IPv6 and Its Global Significance
IPv6 certainly isn’t a new concept, and it has been lurking around the Internet for some time now. In fact, the first draft of IPv6 was published way back in 1998. This fact alone leaves many people scratching their heads and wondering why we are still using IPv4, or why we even need IPv6 in the first place. To be blunt, there are a multitude of reasons that IPv6 is superior to IPv4 including security and efficiency concerns.
However, the main reason IPv6 was created was to stamp out the address limitations imposed by IPv4. You see, and IPv4 address is composed of four octets (one byte each) that range from 0 to 255. Some of these addresses can only be used on private network and local LANs. A few other ranges are reserved for special cases such as multicast addresses. But the bulk of the total range of addresses are reserved for use on the public Internet.
The problem is that each address needs to be unique to ensure that it only identifies a single host or domain. Unfortunately, when IPv4 was first created (back in the 1970’s), it was believed that there would be more than enough addresses to accommodate all of the devices that would ever need to be connected to the public Internet. At the time the burgeoning Internet was still in its infancy. But the Internet grew exponentially and far more devices were created that need an Internet connection than was ever foreseen.
In fact, there are more devices today that connect to the Internet than there are human beings on the planet. And it seems that these figures are only going to accelerate faster as the Internet of Things progresses. The Internet is simply running out of unique addresses to assign to hosts, and the IPv4 address space has been on the cusp of complete exhaustion for years now. Some technologies, such as NAT (translation between public and private addresses), were created to delay the inevitable.
IPv6, however, was intentionally designed with an unfathomably large pool of unique addresses to ensure we don’t run into this problem again in the future. That said, we still haven’t made a global transition to IPv6. And why not? Well, it would be a massive and time consuming pain in the neck to transition the entire public Internet to a new protocol. Not only would individual companies and home users need to update their networking equipment, but there would need to untold amounts of international cooperation to make the change – it’s just an enormous, tedious, and undesirable mountain of a challenge.
The following are examples of an IPv4 address and an IPv6 address, respectively:
As you can see, while IPv4 addresses are only 32 bits in length, an IPv6 address is a whopping 128 bits in length.
Switching to IPv6
Even though IPv4 is still the dominant Internet protocol, a great many organizations have made efforts to encourage it’s use. There have even been global events that were internationally coordinated to run entire networks using only IPv6. However, most countries agree that the best way to make the inherent change is to slowly phase out the use of IPv4. Many standards boards have created regulations to ensure that home networking equipment as well as corporate grade ISP telecommunications equipment have the capabilities to run both protocol stacks.
Just about any modern home router (with few exceptions) is going to be able to run IPv6, though IPv4 is enabled by default. In addition, any modern network card and operating system is going to support IPv6 functionality. Though IPv4 is enabled by default, there are some configuration errors and fallible code that doesn’t always work the way the manufacturer intended. Many times, shutting off IPv6 is the solution to network connectivity problems, so today we’re going to take a closer look at how to disable IPv6 on Linux systems.
The first step towards disabling this potentially protocol is to verify that it is, in fact, running in the first place. You can actually disable IPv6 on individual interfaces, or for the entire system if you prefer. To verify that IPv6 is running, start by firing up your favorite terminal. We’re going to be using the BASH shell in this demonstration. Though all modern Linux operating systems have IPv6 enabled by default, some applications may have installation processes that edit how the protocol behaves. Start by running the following command:
Under each separate interface, you’ll notice a field labled inet6 addr: if IPv6 is running. Alternatively, Linux users can enter the ip addr list command for a comprehensive list of addresses used by all their networking interfaces (Ethernet, wireless, etc.). Check either command’s output for IPv6 addresses.
If you only want to suspend IPv6 operations for the current boot, you issue the following command:
- sudo sh -c ‘echo 1 > /proc/sys/net/ipv6/conf/[INTERFACE_NAME]/disable_ipv6′
Note that you’ll need to supply the name of the interface for this command. Also, be aware that upon the next boot of your operating system, your changes won’t be saved and IPv6 will resume operation. Alternatively, users can temporarily suspend IPv6 on all network interfaces with the following command:
- sudo sh -c ‘echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6’
However, if a user wants to permanently (configurations will be saved upon reboot) disable IPv6 for selected interfaces, the easiest way is to open up the network manager. After selecting a network interfaces, simply click on the IPv6 tab and set the Method: field to ‘ignore.’
Lastly, users can opt to make the configuration change through a text editor such as vi. Simply open a terminal window, browse to etc/sysctl.conf and add the following line of code to disable IPv6 for all interfaces:
- ipv6.conf.all.disable_ipv6 = 1
If you completed all of these steps you should have successfully disabled linux IPv6.