VMware Aria Operations 8.17.1

8.18 8.17.1 8.16 8.14 8.12
简体中文 Deutsch Español Français 日本語 한국어 繁體中文 English

Configure the Host System to Deny IPv6 Router Solicitations

As a security best practice, verify that host system denies IPv6 router solicitations unless necessary. The router solicitations setting determines how many router solicitations are sent when bringing up the interface. If addresses are assigned statically, there is no need to send any solicitations.
  1. Run the
    # grep [01] /proc/sys/net/ipv6/conf/*/router_solicitations|egrep "default|all"
     command to verify whether the host system denies IPv6 router solicitations unless necessary.
  2. Configure the host system to deny IPv6 router solicitations.
    1. Open the
      /etc/sysctl.conf
      .
    2. If the values are not set to
      0
      , add the following entries to the file or update the existing entries accordingly. Set the value to
      0
      . 
      net.ipv6.conf.all.router_solicitations=0 
net.ipv6.conf.default.router_solicitations=0
    3. Save the changes and close the file.
    4. Run
      # sysctl -p
       to apply the configuration.

Content feedback and comments