Disable IPv6 using Network Manager
Issue
Many VPNs or network connections support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, we can tell Network Manager to avoid IPv6 on an specific network connection.
Fix
We fix this by disabling the IPv6 protocol on a system that uses NetworkManager to manage network interfaces. If we disable IPv6, Network Manager automatically sets the corresponding sysctl values in the Kernel.
Disable IPv6 on a connection using nmcli
Let’s display the list of network connections:
$ nmcli connection show
NAME UUID TYPE DEVICE
Example 7a7e0151-9c18-4e6f-89ee-65bb2d64d365 ethernet enp1s0
Now we are going to set the ipv6.method parameter of the connection to disabled:
$ nmcli connection modify Example ipv6.method "disabled"
As a final step let’s restart both NetworkManager and the connection itself:
$ sudo systemctl restart NetworkManager
$ nmcli connection up Example
Verify that everything is properly setup
Let’s enter the ip address show command to display the IP settings of the device:
$ ip address show enp1s0
2: enp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:6b:74:be brd ff:ff:ff:ff:ff:ff
inet 192.0.2.1/24 brd 192.10.2.255 scope global noprefixroute enp1s0
valid_lft forever preferred_lft forever
If no inet6 entry is displayed, IPv6 is disabled on the device.
Another way to verify the correct setup is by checking that the /proc/sys/net/ipv6/conf/enp1s0/disable_ipv6 file now contains the value 1:
$ cat /proc/sys/net/ipv6/conf/enp1s0/disable_ipv6
1