Walter Dnes <waltd...@waltdnes.org> writes: > On Tue, Sep 24, 2024 at 09:42:23PM -0400, Eli Schwartz wrote > >> If you actually want to disable ipv6, instead of insanely rebuilding >> binaries to use untested broken segfaulting code, use the sysctl >> knob to tell the kernel "when asked to give some application a bit >> of internet traffic, don't use ipv6". >> >> net.ipv6.conf.all.disable_ipv6 > > My system is actually very stable. In the shitstorm that erupted on > this list at "ipv6" enabling I did not see any mention of sysctl. In my > /etc/default/grub file I have... > > GRUB_CMDLINE_LINUX_DEFAULT="noexec=on net.ifnames=0 ipv6.disable=1" > > With this setting is it guaranteed that a program compiled with "ipv6" > flag will not try IPV6 first and timeout before dropping down to IPV4?
That's not how IPv6 is supported. Dual-stack support relies on 'happy eyeballs', an algorithm by which both IPv4 and v6 are tried optimistically, and the first one to succeed is accepted. This adds no latency. I suspect your Firefox anecdote happened due to misconfiguration (I think network.http.fast-fallback-to-IPv4 dictates the use of this algorithm in Firefox). As a point of reference, I do nothing to disable IPv6 support, and my ISP does not provide IPv6 support, yet I have no added latency due to IPv6 support being enabled. I just get the benefits of better LANs and internal networks. There is no reason to disable IPv6 support, as Eli said (especially if yo do not know _what_ you're trying to disable, and are just trying to blanket-disable a vague concept of IPv6). > How OS-specific is this? Not at all. > I "asked Mr. Google" and the NordVPN web page recommended for Redhat > based distros... > > net.ipv6.conf.all.disable_ipv6=1 > net.ipv6.conf.default.disable_ipv6=1 > net.ipv6.conf.tun0.disable_ipv6=1 > > For Debian-based distros... > > net.ipv6.conf.all.disable_ipv6 = 1 > net.ipv6.conf.default.disable_ipv6 = 1 > net.ipv6.conf.lo.disable_ipv6 = 1 > net.ipv6.conf.tun0.disable_ipv6 = 1 > > Other answers for disabling IPV6 include stuff like... > > net.ipv6.conf.all.disable_ipv6 = 1 > net.ipv6.conf.default.disable_ipv6 = 1 > net.ipv6.conf.lo.disable_ipv6 = 1 > net.ipv6.conf.eth0.disable_ipv6 = 1 Note that all of the above include interface names, this is why they differ, and just copy-pasting them blindly will not work. Note also that they're all identical, save for the interfaces mentioned. > BTW, I did *NOT* have IPV6 enabled when the USE flag changed... > > [x8940][root][~] grep IPV6 /usr/src/linux/.config > # CONFIG_IPV6 is not set > > > >> That's quite the bloated collection of enabled USE flags you have >> there -- lots of stuff that are much more bloated than ipv6, in >> fact. :) > > Stuff that I don't use is left disabled. I occasionally look at my > package.use file. If a flag is enabled for multiple apps there, I run > > USE="flag" emerge -pv --changed-use --deep --pdate @world > > If there isn't much new stuff pulled in I'll... > > * enable the flag in make.conf > * delete the enabling entries in package.use > * disable, in package.use, the flag for new stuff that tha flag pulls in > > This minimizes the size of my package.use file. Note: this is optimal > for the collection of apps *THAT I USE*. YMMV. -- Arsen Arsenović
signature.asc
Description: PGP signature
