Disable IPv6 The Right (Debian) Way

Posted 967 days ago - Debian

IPv4 has been in place for around 30 years now and is still a testament to human ingenuity. Unfortunately, IPv4 is limited to approximately 4.3 billion addresses, 0.0.0.0 - 255.255.255.255. As more cities in more countries get connected to the Internet, the address space is quickly being depleted. The use of NAT is a creative band-aid to help slow address exhaustion, but IPv6 is the new and improved IP addressing schema intended to replace IPv4.

With the native implementation in modern operating systems and software, IPv6 support has grown in recent years; however, the existing infrastructure just isn't ready. As a result, a number of applications behave as though an IPv6 network is available, which not only wastes CPU cycles, but can also decrease application response time. Fortunately for Debian users (and other Linux users too, I imagine), there is a way to remove this functionality completely. This entry isn't like those other crap articles you've probably read that just add an alias in aliases.conf or comment out some stuff in blacklist.conf; we're going to compile a custom kernel, and it's easier than you might think.

Get Ready: Tools, Packages, Environment

$ sudo aptitude update; sudo aptitude install build-essential fakeroot kernel-package
$ sudo mkdir /usr/src/KERNEL
$ sudo chown -R some_user:some_group /usr/src/KERNEL
$ cd /usr/src/KERNEL
$ sudo apt-get source linux-source-2.6.32
$ sudo chown -R some_user:some_group /usr/src/KERNEL; cd linux-2.6-2.6.32
$ cp /boot/config-2.6.32-5-amd64 .config
$ export CONCURRENCY_LEVEL=5
$ vim Makefile

Before you start asking, "What the hell is all that?", I'll go over each command. The first command updates the apt package cache and installs the packages we'll need to configure and compile our new IPv6less kernel. The second command creates a directory for the kernel source and the third makes sure the normal user (not root!) owns the directory.

Next, we change directories to the new folder and use apt-get to pull down the kernel source code. The file and folder ownership is then recursively updated so the normal user (not root!) owns the files. We then change directories to the kernel source folder we downloaded with apt-get, linux-2.6-2.6.32.

The existing kernel config is then copied over to .config, which is what we'll use as a basis for the new kernel. Replace "2.6.32-5-amd64" with YOUR existing kernel. Execute "uname -r" to find this out. For multi-core processors, set the CONCURRENCY_LEVEL environment variable to ensure make-kpkg utilizes all available cores when compiling our new kernel. Quad cores can use "5" (as shown above) and dual cores can use "3" - adjust accordingly. There are disputes about whether or not this actually decreases compilation time, but I'm not too concerned since setting it doesn't hurt anything.

Finally, open /usr/src/KERNEL/linux-2.6-2.6.32/Makefile and change the "EXTRAVERSION" variable to whatever you prefer. Below is what I put in mine:

VERSION = 2
PATCHLEVEL = 6
SUBLEVEL = 32
EXTRAVERSION = -5-amd64-NoIP6
NAME = Man-Eating Seals of Antiquity

Configure The Replacement Kernel

$ make oldconfig
  HOSTCC  scripts/basic/fixdep
  HOSTCC  scripts/basic/docproc
  HOSTCC  scripts/basic/hash
  HOSTCC  scripts/kconfig/conf.o
  HOSTCC  scripts/kconfig/kxgettext.o
  SHIPPED scripts/kconfig/zconf.tab.c
  SHIPPED scripts/kconfig/lex.zconf.c
  SHIPPED scripts/kconfig/zconf.hash.c
  HOSTCC  scripts/kconfig/zconf.tab.o
  HOSTLD  scripts/kconfig/conf
scripts/kconfig/conf -o arch/x86/Kconfig
#
# using defaults found in /boot/config-2.6.32-5-amd64
#
#
# configuration written to .config
#
$ make xconfig

Find the section "Networking support -> Networking options -> TCP/IP networking -> The IPv6 protocol -> The IPv6 protocol" and unselect/uncheck the "The IPv6 protocol" option.

There are dozens of options you can disable for increased performance. For example, if you know you'll never install or use a bluetooth device, why bother compiling support into the kernel? What about joysticks or old 56k modem drivers? Don't need 'em? Get rid of 'em. I've spent an hour or two going through the options one by one and believe it was time well spent.

Start Building The IPv6less Kernel

$ cd ..   # move into /usr/src/KERNEL; run pwd to confirm
$ mv linux-2.6-2.6.32 linux-2.6.32.NoIP6; cd linux-2.6.32.NoIP6/
$ make-kpkg clean --arch=amd64 --subarch=x86_64
$ fakeroot make-kpkg --initrd --revision 2 kernel_image kernel_headers --arch=amd64 --subarch=x86_64

This is the part that takes a while... Go grab some coffee or something. Once the kernel is compiled, cd back into /usr/src/KERNEL and look for the following:

$ ls -lah /usr/src/KERNEL | grep '\.deb$'
-rw-r--r--  6.1M Aug  3 10:57 linux-headers-2.6.32-5-amd64-NoIP6_2_amd64.deb
-rw-r--r--   22M Aug  3 10:56 linux-image-2.6.32-5-amd64-NoIP6_2_amd64.deb
$

Hooray! If no, goto: 1.

Build nVidia Driver Support

If you have an nVidia card and want to build the drivers before booting into your new IPv6less kernel, it's really easy.

$ cd ..   # move back into /usr/src/KERNEL
$ sudo m-a -t -k linux-2.6.32.NoIP6/ -l linux-2.6.32.NoIP6 a-b nvidia

If that doesn't work, add the "non-free" section to your apt sources.list, run aptitude update, and make sure the "nvidia-kernel-source" and "nvidia-kernel-common" packages are installed. Then try again.

Install The New Kernel

Wow, FINALLY, right? This is the easiest and most rewarding part of the entire process.

$ sudo dpkg -i linux-headers-2.6.32-5-amd64-NoIP6_2_amd64.deb linux-image-2.6.32-5-amd64-NoIP6_2_amd64.deb
$ cat /boot/grub/grub.cfg | grep -i 'noip6'
# or, for Lenny:
$ cat /boot/grub/menu.lst | grep -i 'noip6'
$ sudo shutdown -r -t 0 now
# After reboot, to confirm:
$ uname -a
Linux q9550.nullamatix.com 2.6.32-5-amd64-NoIP6 #1 SMP PREEMPT Fri Oct 1 10:45:38 EDT 2010 x86_64 GNU/Linux
$ ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:01:02:03:00:01
          inet addr:192.168.254.200  Bcast:192.168.254.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:214841 errors:0 dropped:0 overruns:0 frame:0
          TX packets:214841 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:10752020 (10.2 MiB)  TX bytes:10752020 (10.2 MiB)

Notice the lack of an "inet6" address, now. Win.
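
A quick way to confirm the result at both stages, the .config written by make xconfig and the kernel you boot afterwards. This is an added example, not part of the original post; the function names and the sample config files are constructed for illustration.

```shell
#!/bin/sh
# Added example: check that IPv6 is really compiled out, before and after reboot.

# Report how CONFIG_IPV6 is set in a kernel config file.
# Prints one of: disabled | builtin | module | unknown
ipv6_config_state() {
    cfg=$1
    [ -r "$cfg" ] || { echo unknown; return 0; }
    if grep -q '^CONFIG_IPV6=y$' "$cfg"; then
        echo builtin
    elif grep -q '^CONFIG_IPV6=m$' "$cfg"; then
        echo module
    elif grep -q '^# CONFIG_IPV6 is not set$' "$cfg"; then
        echo disabled
    else
        echo unknown    # symbol absent: run "make oldconfig" first
    fi
}

# Report whether a running kernel exposes an IPv6 stack.
# $1 is the proc mount point (default /proc); net/if_inet6 only exists
# when the IPv6 protocol is built in or loaded as a module.
ipv6_runtime_state() {
    proc=${1:-/proc}
    if [ -e "$proc/net/if_inet6" ]; then
        echo present
    else
        echo absent
    fi
}

# Constructed sample configs so the example runs anywhere.
demo_dir=$(mktemp -d)
printf '%s\n' 'CONFIG_INET=y' 'CONFIG_IPV6=y' > "$demo_dir/config-stock"
printf '%s\n' 'CONFIG_INET=y' '# CONFIG_IPV6 is not set' > "$demo_dir/config-noip6"

echo "stock config : $(ipv6_config_state "$demo_dir/config-stock")"
echo "NoIP6 config : $(ipv6_config_state "$demo_dir/config-noip6")"
echo "running kernel ($(uname -r)): $(ipv6_runtime_state /proc)"
rm -rf "$demo_dir"
```

On a real build, point ipv6_config_state at the .config in the source tree before running make-kpkg, and at /boot/config-$(uname -r) after the reboot.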

Squeeze sources.list For nVidia Support

#############################################################
## add contrib & non-free for built-in nvidia support     ###
#############################################################
$ grep '^deb' /etc/apt/sources.list
deb http://ftp.us.debian.org/debian/ squeeze main contrib non-free
deb-src http://ftp.us.debian.org/debian/ squeeze main contrib non-free
deb http://security.debian.org/ squeeze/updates main contrib non-free
deb-src http://security.debian.org/ squeeze/updates main contrib non-free

This was written several weeks after I did this on my own system. If I missed something, something's screwed up, or there's a better way, please let me know by submitting a comment or emailing me.
