Department of Defense
High Performance Computing Modernization Program

Note: A 2022 tutorial on the many aspects of IPv6 can be found in this All Things TECH IPv6 on Linux article.

Enabling IPv6

Linux systems built with a Linux kernel 2.6 or later will have Internet Protocol version 6 (IPv6) enabled by default, including Red Hat (Desktop or WS 3.0 or later and Enterprise (RHEL) 5.2 or later), Mandrake 8 or later, Fedora 9 or later, and CentOS 7 or later systems. IPv4 will continue to run. You must be logged in as root to make these changes. Also, in the absence of other policy or guidance about hardening RHEL to guard against potential IPv6-related attacks, a guide for configuring RHEL servers 6.6 and later to prevent IPv6-related attacks is provided by this Guide to Securely Configure Linux Servers for IPv6 article and this Linux Security Guide for Hardening IPv6 article.

The following guide explains the steps involved with enabling IPv6 in earlier versions of Red Hat Linux. These instructions also work for the Mandrake, Fedora, and CentOS Linux distributions.

Considerations: If you depend on iptables for securing the system make sure to appropriately apply ip6tables rules. See link at end of this section.

Quick Start Instructions:

1) Test to see that the ipv6 kernel module is loaded: lsmod |grep ipv6
If it’s not loaded, load immediately as follows:

modprobe ipv6

To have the module loaded when the system starts, edit /etc/modules.conf and add the following line:

alias net-pf-10 ipv6

2) Edit: /etc/sysconfig/network, add:


3) For each of the /etc/sysconfig/network-scripts/ifcfg-ethX files, add:


to enable Stateless Address Autoconfiguration (SLAAC) addressing, or, if you want to manually configure things, instead add:


(remembering to use square brackets and colons in the IPv6 addresses).

4) Privacy extensions are not enabled by default. For each configured interface ethX where privacy extensions are being enabled, add the line:


to the /etc/sysconfig/network-scripts/ifcfg-interface ethX file for that interface. Then create the file /etc/sysctl.d/ipv6_privacy_extensions (if it does not already exist), containing the lines


5) The Essential IPv6 for the Linux Systems Administrator presentation discusses additional aspects of enabling IPv6, such as routing and DNS.

6) Then issue a "service network restart" command. (This may disconnect you temporarily as networking reloads)

7) Then try pinging:

# ping6 -n

The output should be similar to this:

Pinging [2001:470:1:18::119] with 32 bytes of data:
Reply from 2001:470:1:18::119: time=687ms
Reply from 2001:470:1:18::119: time=719ms
Reply from 2001:470:1:18::119: time=702ms
Reply from 2001:470:1:18::119: time=700ms

Also, checkout Linux IPv6 HOWTO.

ip6tables info can be found in the Enabling IPv6 in ip6tables and other Linux-based Firewalls article in the Security section.


Disabling IPv6


In releases built with a Linux kernel 2.6 and later, IPv6 is enabled by default. This includes Red Hat (Desktop or WS 3.0 or later and RHEL 5.2 or later), Mandrake 8.0 or later, Fedora 9 or later, and CentOS 7 or later systems. IPv4 will continue to run. You must be logged in as root to make these changes. To disable IPv6:

1. Edit the file /etc/modprobe.conf

2. Add the following lines to the file

alias net-pf-10 off
alias ipv6 off

3. Write the file, save it, and exit the editor

4. Edit the file /etc/sysconfig/network

5. Change the following line in the file


so that it looks like


6. Write the file, save it, and exit the editor

7. Reboot