Hi, On Tue, 2018-08-07 at 14:33 -0500, Lesley Kimmel wrote:
I'm looking for a way to globally disable SLAAC when using NetworkManager on RHEL-based systems. I am able to disable SLAAC on a pre-interface basis by adding IPV6_AUTOCONF=no to the relevant interface configuration file. However, I cannot find a way to make this setting in a generic way that would apply to all current and future interfaces. Any thoughts?
I don't think there is a reasonably easy solution for this.
Your question is about the ipv6.method option. The ipv6.method is
configured per-profile. There is no global setting that affects all
profiles.
Can you not adjust all the profiles to your liking?
for UUID in $(nmcli -g UUID connection); do
nmcli connection modify uuid $UUID ipv6.method link-local
done
Also note, that (almost) all profiles are created by a client
application. For example a user clicking in nm-connection-editor, or a
script calling nmcli. The settings of future profiles will be
determined by these clients. For example, if you
want that future profiles don't use SLAAC, don't create them as such.
They are (usually) not created by NetworkManager itself.
Note, that for some reasons, nobody implemented a ipv6.method=disabled
option. So, while you can disable SLAAC per-profile (with methods
"ignore", "link-local" or "manual"), "disabled" is not implemented yet.
best,
Thomas
PS: you are welcome to look at ifcfg files and edit them. However, the
relevant part is how NetworkManager interprets the file. Looking at
IPV6_AUTOCONF variable only makes it more complicated. What matters in
the end is the ipv6.method option (as visible in `nmcli connection show
"$PROFILE"`).
Attachment:
signature.asc
Description: This is a digitally signed message part