How To
Summary
Some of the underlying components on my appliance, such as NTP, are not working as expected because I'm using IPv6 addresses.
Is there a way to totally disable IPv6 on my appliance? Or maybe selectively disable it on a per-interface basis?
Objective
The objective of this article is to show how to use Advanced Tuning Parameters in the ISAM Appliance LMI to disable IPv6 on the Appliance
Environment
ISAM 9.0.X
Steps
1) Log into your ISAM Appliance Local Management Interface (LMI) via a Web Browser
2) Navigate to 'Manage System Settings -> System Settings -> Advanced Tuning Parameters'
3) Select the 'New' button to create a new Advanced Tuning Parameter
3) Select the 'New' button to create a new Advanced Tuning Parameter
The following is reference for the two Advanced Tuning Parameters presented in this document :
Disable IPv6 for all interfaces
Key : sysctl.net.ipv6.conf.all.disable_ipv6
Value : 1
Selectively disable IPv6 for a specific interface :
Key : sysctl.net.ipv6.conf.<interface>.disable_ipv6
Value : 1
You need to substitute a value in for '<interface>'.
The appliance uses interface names of 'eth#' starting at 'eth0' for interface '1.1'.
The appliance uses the name 'lo' for the loopback address.
Disable IPv6 for all interfaces
Key : sysctl.net.ipv6.conf.all.disable_ipv6
Value : 1
Selectively disable IPv6 for a specific interface :
Key : sysctl.net.ipv6.conf.<interface>.disable_ipv6
Value : 1
You need to substitute a value in for '<interface>'.
The appliance uses interface names of 'eth#' starting at 'eth0' for interface '1.1'.
The appliance uses the name 'lo' for the loopback address.
4) After you apply the Advanced Tuning Parameters you'll need to deploy the Pending Changes
5) Finally, reboot the appliance
5) Finally, reboot the appliance
6) Verify that there are no IPv6 addresses by using SSH to run the following command from the Appliance Command Line Interface (CLI) :
> tools connections
There should be only IPv4 addresses present.
Example output :
> tools connections
There should be only IPv4 addresses present.
Example output :
isam9060lmi.hyperv.lab> tools connections
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:9443 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2020 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:22983 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2024 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2027 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9080 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:9081 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9081 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:443 0.0.0.0:* LISTEN
tcp 0 52 10.2.1.16:22 10.2.0.1:33374 ESTABLISHED
tcp 0 0 127.0.0.1:22983 127.0.0.1:47156 ESTABLISHED
tcp 0 0 127.0.0.1:47156 127.0.0.1:22983 ESTABLISHED
udp 0 0 127.0.0.1:50524 127.0.0.1:50524 ESTABLISHED
udp 0 0 127.0.0.1:63104 127.0.0.1:63104 ESTABLISHED
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:9443 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2020 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:22983 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2024 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:2027 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:22 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9080 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:9081 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9081 0.0.0.0:* LISTEN
tcp 0 0 10.2.1.16:443 0.0.0.0:* LISTEN
tcp 0 52 10.2.1.16:22 10.2.0.1:33374 ESTABLISHED
tcp 0 0 127.0.0.1:22983 127.0.0.1:47156 ESTABLISHED
tcp 0 0 127.0.0.1:47156 127.0.0.1:22983 ESTABLISHED
udp 0 0 127.0.0.1:50524 127.0.0.1:50524 ESTABLISHED
udp 0 0 127.0.0.1:63104 127.0.0.1:63104 ESTABLISHED
...
The above will successfully disable IPv6 on your appliance.
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSQRZH","label":"IBM Security Access Manager Appliance"},"Component":"","Platform":[{"code":"PF004","label":"Appliance"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Product Synonym
ISAM; IBM Security Access Manager; ISAM Appliance; IBM Security Access Manager appliance;
Was this topic helpful?
Document Information
Modified date:
25 July 2019
UID
ibm10958937