summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorChristian Breunig <christian@breunig.cc>2025-04-20 20:59:14 +0200
committerChristian Breunig <christian@breunig.cc>2025-04-22 16:06:19 +0200
commit563488b1234560cfd3cb5aa9c8ec3f4b7f10d86b (patch)
treef473590db3024dfd7d63fe654a51f57ce58a8709 /src
parentbad519f9f1004e9855e5805473e2e3e8d1fb36ec (diff)
downloadvyos-1x-563488b1234560cfd3cb5aa9c8ec3f4b7f10d86b.tar.gz
vyos-1x-563488b1234560cfd3cb5aa9c8ec3f4b7f10d86b.zip
sysctl: T7379: always disable IPv6 autoconf and accept_ra during startup
Diffstat (limited to 'src')
-rw-r--r--src/etc/sysctl.d/30-vyos-router.conf10
-rw-r--r--src/systemd/vyos.target2
2 files changed, 11 insertions, 1 deletions
diff --git a/src/etc/sysctl.d/30-vyos-router.conf b/src/etc/sysctl.d/30-vyos-router.conf
index 76be41ddc..ef81cebac 100644
--- a/src/etc/sysctl.d/30-vyos-router.conf
+++ b/src/etc/sysctl.d/30-vyos-router.conf
@@ -83,6 +83,16 @@ net.ipv4.conf.default.ignore_routes_with_linkdown=1
net.ipv6.conf.all.ignore_routes_with_linkdown=1
net.ipv6.conf.default.ignore_routes_with_linkdown=1
+# Disable IPv6 interface autoconfigurationnable packet forwarding for IPv6
+net.ipv6.conf.all.autoconf=0
+net.ipv6.conf.default.autoconf=0
+net.ipv6.conf.*.autoconf=0
+
+# Disable IPv6 router advertisements
+net.ipv6.conf.all.accept_ra=0
+net.ipv6.conf.default.accept_ra=0
+net.ipv6.conf.*.accept_ra=0
+
# Enable packet forwarding for IPv6
net.ipv6.conf.all.forwarding=1
diff --git a/src/systemd/vyos.target b/src/systemd/vyos.target
index c5d04891d..ea1593fe9 100644
--- a/src/systemd/vyos.target
+++ b/src/systemd/vyos.target
@@ -1,3 +1,3 @@
[Unit]
Description=VyOS target
-After=multi-user.target vyos-grub-update.service
+After=multi-user.target vyos-grub-update.service systemd-sysctl.service
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-06 05:34:41 +0000