Why do I still have traces of IPv6 on a linux host with IPv6 disabled?

Kedare asked:

When looking at my Observium monitoring, I just found strange results on this graphs “IPv6 Packet Statistics”, this server is on a IPv4 network with IPv6 disabled on the server itself with :

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1

Here is the graph:
IPv6

When looking on the routes , I still find IPv6 routes (look 6to4) :

ip -6 route show
unreachable ::/96 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable ::ffff:0.0.0.0/96 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
unreachable 3ffe:ffff::/32 dev lo  metric 1024  error -101 mtu 16436 advmss 16376 hoplimit 4294967295
fe80::/64 dev eth0  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth1  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295
fe80::/64 dev eth2  proto kernel  metric 256  mtu 1500 advmss 1440 hoplimit 4294967295

Is this normal that I still have IPv6 routes and IPv6 traffic without any IPv6 interface or IPv6 network and IPv6 disabled at Kernel level ? (::1 don’t ping)

My answer:


You have roughly one packet per second coming into your interface for the better part of a day. Best guess is that someone else on the same subnet as you was sending IPv6 multicast traffic of some sort (neighbor discovery, DHCPv6 requests, whatever). Someone on your subnet could also have been pinging you. You’ll have to decide what that means, based on who and what else is on your subnet.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.