在特定接口上禁用 IPv4 和 IPv6

tag-icon tag-icon ethernet netplan ipv6 21.10 ipv4
在特定接口上禁用 IPv4 和 IPv6

使用 Ubuntu 21.10,软以太网文档建议在用于本地桥接网络适配器的两个以太网接口之一上禁用 IPv4 和 IPv6。

这是我的/etc/netplan/01-网络管理器-all.yaml...

network:
  version: 2
  renderer: NetworkManager
  ethernets:
    lan:
      match:
        macaddress: a8:20:XX:XX:9f:da
      dhcp4: false
      dhcp6: true
      addresses:
        - 192.168.1.3/24
      routes:
        - to: default
          via: 192.168.1.1
          metric: 100
      nameservers:
        addresses: [192.168.1.1]
        search: []
      set-name: lan
    softether:
      match:
        macaddress: 40:6c:XX:XX:4a:93
      dhcp4: false
      dhcp6: false
      link-local: []
      optional: true
      set-name: softether

sudo netplan generate然后运行sudo netplan apply。如你所见,我将本地桥接的接口重命名为软化醚

还将其添加到/etc/sysctl.d/99-sysctl.conf

net.ipv6.conf.softether.disable_ipv6 = 1

然后就跑了sudo sysctl -p

重新启动后,运行时我仍然会在 Softether 上看到 IPv4 和 IPv6 地址ip a...

2: softether: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 40:6c:XX:XX:4a:93 brd ff:ff:ff:ff:ff:ff
    altname enp9s0
    inet 169.254.65.216/16 brd 169.254.255.255 scope link noprefixroute softether
       valid_lft forever preferred_lft forever
    inet6 fd8b:a698:e8f4:3:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 769sec preferred_lft 0sec
    inet6 fd97:65c2:6883:1:426c:8fff:fe35:4a93/64 scope global dynamic mngtmpaddr 
       valid_lft 1785sec preferred_lft 1785sec
    inet6 fda2:db11:4cad:2:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 769sec preferred_lft 0sec
    inet6 fdaa:ed5f:f69b:4:426c:8fff:fe35:4a93/64 scope global deprecated dynamic mngtmpaddr 
       valid_lft 770sec preferred_lft 0sec
    inet6 fe80::426c:8fff:fe35:4a93/64 scope link 
       valid_lft forever preferred_lft forever

Netplan 文档展示了这些示例...

Example to enable only IPv4 link-local: link-local: [ ipv4 ]
Example to enable all link-local addresses: link-local: [ ipv4, ipv6 ]
Example to disable all link-local addresses: link-local: [ ]

所以我以为使用最后一个会给我我想要的东西(但没有)。

对我做错的事情有什么想法吗?

答案1

看起来问题出在 Netplan 上渲染器网络管理器. 切换到网络化,我得到了我想要的结果:

2: softether: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 40:6c:XX:XX:4a:93 brd ff:ff:ff:ff:ff:ff
    altname enp9s0

这是我的新/etc/netplan/01-网络管理器-all.yaml

network:
  version: 2
  renderer: networkd
  ethernets:
    lan:
      match:
        macaddress: a8:20:XX:XX:9f:da
      dhcp6: true
      addresses:
        - 192.168.1.3/24
      routes:
        - to: default
          via: 192.168.1.1
          metric: 100
      nameservers:
        addresses: [192.168.1.1]
        search: []
      set-name: lan
    softether:
      match:
        macaddress: 40:6c:XX:XX:4a:93
      optional: true
      # optional-addresses: []
      link-local: []
      set-name: softether
  wifis:
    wlp2s0:
#     match:
#       macaddress: 88:53:XX:XX:f0:75
      dhcp4: yes
      dhcp6: yes
      access-points:
        "Some SSID":
          password: "SOME PASSWORD"
#     set-name: wifi

不幸的是,我无法再像以前那样重命名 WiFi 接口网络管理器因为 networkd 的 wifi 不支持匹配。

相关内容