Verify that your VMware appliance host machines deny IPv6 router prefix information unless otherwise required for system operation.

About this task

The accept_ra_pinfo setting controls whether the system accepts prefix info from the router. If addresses are statically assigned, there is no need to receive any router prefix information.

Procedure

  1. Run the # grep [01] /proc/sys/net/ipv6/conf/*/accept_ra_pinfo|egrep "default|all" command on the VMware appliance host machines to verify that they deny IPv6 router prefix information.

    If the host machines are configured to deny IPv6 router advertisements, this command will return the following.

    /proc/sys/net/ipv6/conf/all/accept_ra_pinfo:0
    /proc/sys/net/ipv6/conf/default/accept_ra_pinfo:0

    If the host machines are configured correctly, no further action is necessary.

  2. If you need to configure host machines to deny IPv6 router prefix information, open the /etc/sysctl.conf file in a text editor.
  3. Check for the following entries.
    net.ipv6.conf.all.accept_ra_pinfo=0
    net.ipv6.conf.default.accept_ra_pinfo=0

    If the entries do not exist or if their values are not set to zero, add the entries or update the existing entries accordingly.

  4. Save any changes and close the file.