From 563488b1234560cfd3cb5aa9c8ec3f4b7f10d86b Mon Sep 17 00:00:00 2001
From: Christian Breunig <christian@breunig.cc>
Date: Sun, 20 Apr 2025 20:59:14 +0200
Subject: sysctl: T7379: always disable IPv6 autoconf and accept_ra during
 startup

---
 src/etc/sysctl.d/30-vyos-router.conf | 10 ++++++++++
 src/systemd/vyos.target              |  2 +-
 2 files changed, 11 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/etc/sysctl.d/30-vyos-router.conf b/src/etc/sysctl.d/30-vyos-router.conf
index 76be41ddc..ef81cebac 100644
--- a/src/etc/sysctl.d/30-vyos-router.conf
+++ b/src/etc/sysctl.d/30-vyos-router.conf
@@ -83,6 +83,16 @@ net.ipv4.conf.default.ignore_routes_with_linkdown=1
 net.ipv6.conf.all.ignore_routes_with_linkdown=1
 net.ipv6.conf.default.ignore_routes_with_linkdown=1
 
+# Disable IPv6 interface autoconfigurationnable packet forwarding for IPv6
+net.ipv6.conf.all.autoconf=0
+net.ipv6.conf.default.autoconf=0
+net.ipv6.conf.*.autoconf=0
+
+# Disable IPv6 router advertisements
+net.ipv6.conf.all.accept_ra=0
+net.ipv6.conf.default.accept_ra=0
+net.ipv6.conf.*.accept_ra=0
+
 # Enable packet forwarding for IPv6
 net.ipv6.conf.all.forwarding=1
 
diff --git a/src/systemd/vyos.target b/src/systemd/vyos.target
index c5d04891d..ea1593fe9 100644
--- a/src/systemd/vyos.target
+++ b/src/systemd/vyos.target
@@ -1,3 +1,3 @@
 [Unit]
 Description=VyOS target
-After=multi-user.target vyos-grub-update.service
+After=multi-user.target vyos-grub-update.service systemd-sysctl.service
-- 
cgit v1.2.3