There are many methods which can be used to disable IPv6 depending upon your requirement so I will try to explain the ones which I am aware of and I have used in my setup
Disable IPv6 for individual interface
NOTE: This actually does not deactivates the ipv6 modules instead it will disable Ipv6 for this particular interface
Currently I have bond0 on my node which has IPv6 enabled as you can see below
bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500
inet 10.43.138.1 netmask 255.255.255.224 broadcast 10.43.138.31
inet6 fe80::92f4:cdc0:37ea:9ff6 prefixlen 64 scopeid 0x20<link>
ether 00:17:a4:77:00:02 txqueuelen 1000 (Ethernet)
RX packets 223 bytes 28496 (27.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 191 bytes 26556 (25.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
To disable the same for bond0 I can use either of below steps
Add the below variable (if it does not exist already) and remove all other IPv6 related variable from the config file
# vi /etc/sysconfig/network-scripts/ifcfg-bond0
IPV6INIT=no
Restart you network services
# systemctl restart network.service
But this will not do the magic yet, since currently ipv6 is enabled for bond0 in sysctl.conf file as we can see below
# sysctl -a | grep net.ipv6.conf.bond0.disable_ipv6
net.ipv6.conf.bond0.disable_ipv6 = 0
Disable the same by adding below line in /etc/sysctl.conf. First make sure you do not have any entry for this value
# grep "net.ipv6.conf.bond0.disable_ipv6" /etc/sysctl.conf
If the output is blank add the below line and if you already find an existing entry then change value of "0" to "1" or else execute below command
# echo "net.ipv6.conf.bond0.disable_ipv6=1" >> /etc/sysctl.conf
Refresh the sysctl values
# sysctl -p
Then rebuild the Initial RAM Disk Image using
# dracut -v -f
Next check the ipv6 status for bond0
# ifconfig
bond0: flags=5187<UP,BROADCAST,RUNNING,MASTER,MULTICAST> mtu 1500
inet 10.43.138.1 netmask 255.255.255.224 broadcast 10.43.138.31
ether 00:17:a4:77:00:02 txqueuelen 1000 (Ethernet)
RX packets 317 bytes 35564 (34.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 251 bytes 38566 (37.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
The same list of step can be followed for any other individual interface for which you want to disable the ipv6
Disable IPv6 for the complete node (for all interfaces)
After doing the above list of steps still I have Ipv6 enabled for my loopback address and bond3 which I am using
# ifconfig | grep inet6
inet6 fe80::73f1:af4c:dc8:ac prefixlen 64 scopeid 0x20<link>
inet6 ::1 prefixlen 128 scopeid 0x10<host>
So now I want to disable them completely
Here we need not use the individual interface files and we can directly disable ipv6 using our GRUB.
NOTE: This would require a REBOOT of the system to activate the changes
Append "ipv6.disable=1" in "/etc/default/grub" file as shown below
GRUB_CMDLINE_LINUX="ipv6.disable=1 crashkernel=auto rd.lvm.lv=system/root rd.lvm.lv=system/usr biosdevname=0 net.ifnames=0 rhgb quiet"
Next regenerate the grub2 configuration file using
# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-514.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-514.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-a311757619b943238cda551a0f1b2743
Found initrd image: /boot/initramfs-0-rescue-a311757619b943238cda551a0f1b2743.img
done
If you have a UEFI based BIOS enabled node, also execute below command
# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
Lastly proceed with the reboot of the node to activate the changes
Enable IPv6 on RHEL
This actually would depend pretty much on the steps you followed to disable the IP6 and accordingly vice versa steps must be followed. For the sake of this article I would use the steps as explained above to re-enable IPv6
You cannot enable IPv6 for a particular interface unless your node has IPv6 enabled via GRUB i.e. if you have disabled ipv6 using grub then a single interface cannot be configured for ipv6.
If you attempt for this then you might end up with error similar to below
# sysctl -p
kernel.shmmax = 18446744073692774399
kernel.shmall = 18446744073692774399
kernel.randomize_va_space = 0
kernel.core_pattern = /var/opt/sdf/cores/core.%e
sysctl: cannot stat /proc/sys/net/ipv6/conf/eth0/disable_ipv6: No such file or directory
So first step would be to enable ipv6 from GRUB
Delete the entry "ipv6.disable=1" from "GRUB_CMDLINE_LINUX" variable in /etc/default/grub
# grep "GRUB_CMDLINE_LINUX" /etc/default/grub
GRUB_CMDLINE_LINUX="novga console=ttyS0,9600 panic=1 numa=off crashkernel=auto rd.lvm.lv=system/root rd.lvm.lv=system/swap noht biosdevname=0 net.ifnames=0 rhgb quiet console=tty0
Regenrate grub2.cfg file using below command
# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-3.10.0-514.el7.x86_64
Found initrd image: /boot/initramfs-3.10.0-514.el7.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-1ffe0ef8aba64348879fd545b8328da6
Found initrd image: /boot/initramfs-0-rescue-1ffe0ef8aba64348879fd545b8328da6.img
done
If you have a UEFI based BIOS enabled node, also execute below command
# grub2-mkconfig -o /boot/efi/EFI/redhat/grub.cfg
Delete any entries which look like below from /etc/sysctl.conf file
/proc/sys/net/ipv6/conf/all/disable_ipv6=1
/proc/sys/net/ipv6/conf/default/disable_ipv6
/proc/sys/net/ipv6/conf/<interface>/disable_ipv6
Un-comment the below line from /etc/hosts file
::1 localhost ipv6-localhost ipv6-loopback
Check the content of the file /etc/ssh/sshd_config and make sure the AddressFamily line is commented:
#AddressFamily inet
Lastly reboot the system to activate these changes
I hope the article was useful.