Results 1 to 10 of 10

Thread: how to disable IPv4 temporarily

  1. #1
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    how to disable IPv4 temporarily

    IPv6 is already working and seems to be preferred if the site has an AAAA record in DNS. what i want to do is confirm a site by temporarily disabling IPv4 and trying to access it, again. i only need to do this for Firefox but doing it system-wide is preferred so it will be in effect for everything like lynx, ping, telnet, traceroute, and so on. i would like this to be a simple thing like an on-off switch, or a command (i always have a shell open). i would prefer it works for a non-root sudo-restricted (cannot use root) user (which i am usually using).

    i'd also like to know how apps like web browsers implement a preference. do they just delay trying IPv4 if a DNS AAAA record comes back and end the delay if IPv6 quickly fails?
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

  2. #2
    currentshaft is offline Oops! My Coffee Cup is empty.
    Join Date
    May 2024
    Beans
    Hidden!

    Re: how to disable IPv4 temporarily

    I don't think you want to disable IPv4 entirely since your IPv6 route is likely only outside your gateway. You still need IPv4 to connect locally.

    What you probably want instead is something like dnsmasq or dnscrypt as your resolver to block A queries and only forward AAAA ones.

  3. #3
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    Re: how to disable IPv4 temporarily

    i really do want IPv4 traffic disabled. but i do have a tunnel going over IPv4 to carry IPv6 traffic to reach the world. so i think the solution is to create a dead interface that looks to be alive, default route all of IPv4 to it, and set up simple /30 routes for my existing IPv4 connection (wifi) and the far end of the tunnel. then i need to find a way to get Linux to discard incoming IPv4 traffic not intended for these 8 addresses, as soon as possible, before it reaches regular filtering. the tunnel does have an IPv4 interface on each end, but i can unconfigure that. when i get another computer on my LAN i want it to be pure IPv6 operating as if IPv4 no longer exists or never did exist.
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

  4. #4
    currentshaft is offline Oops! My Coffee Cup is empty.
    Join Date
    May 2024
    Beans
    Hidden!

    Re: how to disable IPv4 temporarily

    who
    Last edited by currentshaft; 2 Weeks Ago at 01:10 AM.

  5. #5
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    Re: how to disable IPv4 temporarily

    if IPv4 is working, something could be using IPv4, and the test result would be misleading.
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

  6. #6
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    Re: how to disable IPv4 temporarily

    "A dead interface that looks to be alive"

    OK, i was not very clear. an interface that appears to be functional but every packet sent is discarded. this can be implemented in software, i'm sure. my poor memory tells me that i've done this before.
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

  7. #7
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    Re: how to disable IPv4 temporarily

    > Then simply don't return ipv4 DNS records, which is how most if not all connections will originate, to the LAN clients.

    i can't be sure everything always uses a host name. there is such thing as connecting to a specified IP address, in both IPv4 and IPv6 (i doubt it happens as often in IPv6 but i have done that, before)
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

  8. #8
    currentshaft is offline Oops! My Coffee Cup is empty.
    Join Date
    May 2024
    Beans
    Hidden!

    Re: how to disable IPv4 temporarily

    iv
    Last edited by currentshaft; 2 Weeks Ago at 01:33 AM.

  9. #9
    Join Date
    Nov 2007
    Location
    London, England
    Beans
    7,739

    Re: how to disable IPv4 temporarily

    This one requires root, but should work for you. It makes the route unreachable, so your app won't just use IPv4 and declare a timeout, but will know there is no IPv4 route. Assuming the target is 192.0.2.77: sudo ip rule add unreachable to 192.0.2.77
    Use del instead of add to remove the rule it again. You can use ping 192.0.2.77 or ip route get 192.0.2.77 to check the route.

    P.S. You may need to add a priority to make sure your rule has a greater priority (lower number) than the VPN. Try a low-ish number like 100. You can see the current rules with ip rule. Add the priority like this: sudo ip rule add unreachable to 192.0.2.77 priority 100
    Last edited by The Cog; August 8th, 2024 at 09:49 AM.

  10. #10
    Join Date
    Jan 2010
    Location
    Wheeling WV USA
    Beans
    2,053
    Distro
    Xubuntu 20.04 Focal Fossa

    Re: how to disable IPv4 temporarily

    i don't really understand this. it seems to be blocking just one IPv4 address. i want to block all of IPv4 except one to four addresses while leaving IPv6 wide open routed via on to four tunnel(s).
    Mask wearer, Social distancer, System Administrator, Programmer, Linux advocate, Command Line user, Ham radio operator (KA9WGN/8, tech), Photographer (hobby), occasional tweetXer

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •