On 10/06/17 12:51, richard lucassen wrote: > On Fri, 9 Jun 2017 23:04:40 +0200 > Gert Doering <g...@greenie.muc.de> wrote: > >>> BTW, is there a way to disable ipv6 in the tunnel? I can't find >>> anything about it in the manpage. There are ipv6 router >>> sollicitations flowing into the tunnel which is keeping the slave >>> tunnel busy. Or do I have to sysctl some /proc/sys/net/ipv6/tun0 >>> entry? >> >> Unless --ifconfig-ipv6 is set, we do not initialize anything >> IPv6-related on the tun interface - so, this is your helpful OS (or >> network manager) trying autoconfig to see if something happens. >> >> so, >> >> echo 0 >/proc/sys/net/ipv6/conf/tun0/router_solicitations > > Yep, that did the trick. I added it to an "up" script
The proper solution is actually to add this line in either /etc/sysctl.conf or a file in /etc/sysctl.d. The line you would need would then be: net.ipv6.conf.tun0.router_solicitations = 0 This won't work too well if the tunnel isn't started before sysctl is run during boot. But you can flip this around. On my systems, the default value for IPv6 router_solicitations is 3. So if you know which interfaces (being available at boot time) you want to have this enabled on, you can do this: net.ipv6.conf.default.router_solicitations = 0 net.ipv6.conf.lo.router_solicitations = 3 net.ipv6.conf.enp0s25.router_solicitations = 3 net.ipv6.conf.wlp2s0.router_solicitations = 3 Or, you can use this in your 'up' script: sysctl -p /etc/sysctl.d/tun-ipv6-tweak.conf with /etc/sysctl.d/tun-ipv6-tweak.conf carrying the first example. These approaches puts these configuration tweaks in your system which is most commonly expected on Linux systems. And if others come and wants to tweak it, they don't have to hunt down the 'up' script to figure out what's going on. -- kind regards, David Sommerseth
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
