Verify that your VMware appliance host machines deny IPv6 router hop limit settings unless necessary.

About this task

The accept_ra_defrtr setting controls whether the system will accept Hop Limit settings from a router advertisement. Setting it to zero prevents a router from changing your default IPv6 Hop Limit for outgoing packets.

Procedure

  1. Run the # grep [01] /proc/sys/net/ipv6/conf/*/accept_ra_defrtr|egrep "default|all" command on the VMware appliance host machines to verify that they deny IPv6 router hop limit settings.

    If the host machines are configured to deny IPv6 router hop limit settings, this command will return values of 0.

    /proc/sys/net/ipv6/conf/all/accept_ra_defrtr:0
    /proc/sys/net/ipv6/conf/default/accept_ra_defrtr:0

    If the host machines are configured correctly, no further action is necessary.

  2. If you need to configure a host machine to deny IPv6 router hop limit settings, open the /etc/sysctl.conf file in a text editor.
  3. Check for the following entries.
    net.ipv6.conf.all.autoconf=0
    net.ipv6.conf.default.autoconf=0

    If the entries do not exist or if their values are not set to zero, add the entries or update the existing entries accordingly.

  4. Save any changes you made and close the file.