Re: Network Manager and SLAAC


On Tue, 2018-08-07 at 14:33 -0500, Lesley Kimmel wrote:

I'm looking for a way to globally disable SLAAC when using
NetworkManager on RHEL-based systems.

I am able to disable SLAAC on a pre-interface basis by adding
IPV6_AUTOCONF=no to the relevant interface configuration file.
However, I cannot find a way to make this setting in a generic way
that would apply to all current and future interfaces.

Any thoughts?

I don't think there is a reasonably easy solution for this.

Your question is about the ipv6.method option. The ipv6.method is
configured per-profile. There is no global setting that affects all

Can you not adjust all the profiles to your liking?

  for UUID in $(nmcli -g UUID connection); do
      nmcli connection modify uuid $UUID ipv6.method link-local

Also note, that (almost) all profiles are created by a client
application. For example a user clicking in nm-connection-editor, or a
script calling nmcli. The settings of future profiles will be
determined by these clients. For example, if you
want that future profiles don't use SLAAC, don't create them as such.
They are (usually) not created by NetworkManager itself.

Note, that for some reasons, nobody implemented a ipv6.method=disabled
option. So, while you can disable SLAAC per-profile (with methods
"ignore", "link-local" or "manual"), "disabled" is not implemented yet.


PS: you are welcome to look at ifcfg files and edit them. However, the
relevant part is how NetworkManager interprets the file. Looking at
IPV6_AUTOCONF variable only makes it more complicated. What matters in
the end is the ipv6.method option (as visible in `nmcli connection show

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]