Date: Sun, 23 Jun 2019 18:12:46 -0400 (EDT) From: doug <doug@fledge.watson.org> To: FreeBSD Questions <freebsd-questions@freebsd.org> Subject: Re: Eliminating IPv6 (?) Message-ID: <alpine.BSF.2.20.1906231738070.90858@fledge.watson.org> In-Reply-To: <CABWFOjvAsY6CTWbDNtZfiNv80C=HHz5ocigFB_xJGn_LM9722A@mail.gmail.com> References: <CABWFOjvAsY6CTWbDNtZfiNv80C=HHz5ocigFB_xJGn_LM9722A@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 23 Jun 2019, Brian Wood wrote: > Freddie Cash writes: >> >> You've been given the tools to do exactly what you want: >> - comment out IPv6 support in the kernel config file >> - add WITHOUT_IPV6=yes to /etc/src.conf >> - rebuild the world and kernel > > I'm interested in this subject as an entrepreneur with > a boutique on-line service. I followed the above and > it boots and 'netstat -r' no longer says anything about > IPv6. > I found section 23.5.1 on this page: > https://www.freebsd.org/doc/handbook/makeworld.html > > to be confusing. I'm not sure if that is out of date, but > the 'make -j4 kernel' > is different than make buildkernel > and it says to reboot before running 'make installworld'. > > I'm not sure if it matters but I did 'make buildkernel ...' > before 'make buildworld'. Then I installed both and > then rebooted. I tried to get away with just rebuilding > the kernel and installing that, but that didn't work. > > Anyway, I'm glad I was able to do this and bring it up > in the hope that ground-up entrepreneurs will not be > dismissed by FreeBSD. IPv6 is a headache for mom > & pop shops. I've got a bit of a different take on this. It seems to me that starting with the rewrite of the network stack to remove the giant (right term??) lock and making almost all drivers available via kldload the goal has been to remove the necessity to compile your own kernel (at least for guys like me). I'm more of a [grand] mom and pop shop, anyway, I can not find any left over files to clue me as to when I last compiled a kernel. Given all platforms and difficulty in debugging all the variability of having a billion or so packets arrive randomly on systems with 1-32 cores and different processor speeds I am happiest running the code that is the most used. Maybe the theory of correctness makes debugging better than when I was doing this s--t. If so links would be much appreciated. I use sshguard with inetd on jails and IPFW on the hosts and can see no measurable overhead with inetd much less IPFW. All my servers run only internet services of some sort so in processor time it's days maybe months (relatively speaking) between network interrups. So unless one is doing some processor heavy application that also has a real-time response requirement I do not see that much benefit from compiling a kernel just to get rid of IPV6 packets. As someone pointed out we can not be sure our "friendly" IPSs maybe sending them our way. Note even though there are not any "?" in this, it is essentially a long question. Thanks for any comments, thoughts, ... Doug
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?alpine.BSF.2.20.1906231738070.90858>