How to Disable IPv6 ports in VMware Aria Suite Lifecycle
Article ID: 322706
Updated On:
Products
VMware Aria Suite
Issue/Introduction
This article describes how to Disable IPv6 ports in VMware Aria Suite Lifecycle.
Environment
VMware vRealize Suite Lifecycle Manager 8.10.x
Resolution
Before proceeding take a snapshot the VMware Aria Suite Lifecycle appliance.
VMware Aria Suite Lifecycle 8.14 or later
- Edit the file /boot/photon.cfg by adding ipv6.disable=1 at the end of the line for variable photon_cmdline
- Reboot VMware Aria Suite Lifecycle
- Validate the resutls by running the command netstat -tulpn | grep 'tcp6|udp6' (any service should be listed).
VMware Aria Suite Lifecycle 8.12
- Run the commands:
sudo sysctl -w net.ipv6.conf.all.autoconf=0
sudo sysctl -w net.ipv6.conf.all.accept_ra=0
systemctl restart systemd-networkd
- In the configuration file: /etc/sysctl.d/99-sysctl.conf add the line:
net.ipv6.conf.lo.disable_ipv6=1
- Disable ipv6 for vami-lighttpd service:
- In the configuration file: /opt/vmware/etc/lighttpd/lighttpd.conf change the line server.use-ipv6 = "enable" to server.use-ipv6 = "disable"
- Restart the vami-lightpd service service vami-lighttp restart
- Disable ipv6 for vami-sfcb service:
- In the configuration file: /opt/vmware/etc/sfcb/sfcb.cfg Add the line: ip4AddrList: 0.0.0.0
- Restart the vami-sfcb service service vami-sfcb restart
- Disable ipv6 for sshd service:
- In the configuration file: /etc/ssh/sshd_config Add the line: AddressFamily inet
- Restart the sshd service service sshd restart
- Disable ipv6 for ntp service:
- In the configuration file: /etc/ntp.conf Add the line: interface ignore wildcard
- Comment out the line restrict -6 ::1, once edited the line should read: #restrict -6 ::1
- You can validate that the service are no longer listening on ipv6 using the command, if any services persist in leveraging ipv6 its recommended to reboot the appliance:
netstat -tulpn | grep 'tcp6\|udp6'
Feedback
Yes
No
Powered by
