In Arch Linux, IPv6 is enabled by default. If you are looking for information regarding IPv6 tunnels, you may want to look at IPv6 - Tunnel Broker Setup.
To enable Privacy Extensions for Stateless Address Autoconfiguration in IPv6 according to RFC 4941, reproduce the following steps:
Add these lines to
# Enable IPv6 Privacy Extensions net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2 net.ipv6.conf.<nic0>.use_tempaddr = 2 ... net.ipv6.conf.<nicN>.use_tempaddr = 2
Where <nic0> to <nicN> are your nic's (the "all" or "default" parameters do not apply to nic's that already exist when the sysctl settings are applied).
After a reboot, at the latest, Privacy Extensions should be enabled.
Pinging the multicast address
ff02::1 results in all hosts in link-local scope responding. An interface has to be specified. With a ping to the multicast address
ff02::2 only routers will respond.
$ ping6 ff02::1%eth0
If you add an option
-I <your-global-ipv6>, link-local hosts will respond with their link-global scope addresses. The interface can be omitted in this case.
$ ping6 -I 2001:4f8:fff6::21 ff02::1
Sometime using static address can improve security. For example, if your local router uses Neighbor Discovery or radvd (RFC 2461), your interface will automatically be assigned an address based its MAC address (using IPv6's Stateless Autoconfiguration). This may be less than ideal for security since it allows a system to be tracked even if the network portion of the IP address changes.
To assign a static address (for example
Add your static IP using
netcfg. You can load them at startup by specifying your
netcfg profiles in the
NETWORKS section of
CONNECTION='ethernet' DESCRIPTION='ipv6+ipv4 eth0' INTERFACE='eth0' IP=static ADDR=192.168.1.5 NETMASK=24 ROUTES= GATEWAY=192.168.1.1 IP6=static ADDR6=(2001:470:1000:1000::5/64) GATEWAY6=2001:470:1000:1000::1
DAEMONS section should contain "net-profiles" instead of the deprecated "network". See Netcfg for more information.
Disabling IPv6 has been reported to speed up network access for programs that try using it before IPv4 on networks that do not support it. Incidentally, Firefox is listed among the affected applications. Until the widespread adoption of IPv6, one may benefit by disabling it.
Furthermore, an enabled ipv6 stack is known to expose bugs in some software in certain situations, even if it is not actually used. Disabling the stack works around these problems.
ipv6.disable=1 to the kernel line in your bootloader configuration disables the whole ipv6 stack, which is likely what you want if you are experiencing issues.
ipv6.disable_ipv6=1 instead will keep the ipv6 stack functional, but not assign ipv6 addresses to any of your network devices.
Adding to kernel line
With grub edit
kernel /vmlinuz26 root=/dev/sda3 ro ipv6.disable=1 quiet 3
With grub2 edit
linux /vmlinuz-linux root=UUID=a3... ro ipv6.disable=1 quiet
One can also avoid assigning ipv6 addresses to specific nic's by adding the following sysctl config to
# Disable IPv6 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.<nic0>.disable_ipv6 = 1 ... net.ipv6.conf.<nicN>.disable_ipv6 = 1
Note that you must list all the relevant nic's explicitly, as disabling "all" does not apply to nic's that are already set up when sysctl settings are applied.
Disabling ipv6 functionality in the kernel does not prevent other programs from trying to use ipv6. In most cases, this is completely harmless, but if you find yourself having issues with that program, you should consult the program's manpages for a way to disable that functionality.
For instance, dhcpcd will continue to harmlessly attempt to perform ipv6 router solicitation. To disable this, as stated in the dhcpcd.conf manpage, add the following to
- IPv6 - kernel.org Documentation