factory-default/sys-apps/baselayout: enable IPv6 sysctl

1 files changed, 11 insertions, 4 deletions

diff --git a/factory-default/sys-apps/baselayout/etc/sysctl.conf b/factory-default/sys-apps/baselayout/etc/sysctl.conf
index 7b7495f0..39478f65 100644
--- a/factory-default/sys-apps/baselayout/etc/sysctl.conf
+++ b/factory-default/sys-apps/baselayout/etc/sysctl.conf
@@ -70,10 +70,16 @@ net.ipv4.tcp_congestion_control = bbr
 
 # Disable packet forwarding
 net.ipv4.ip_forward = 0
+net.ipv6.conf.all.forwarding = 0
+net.ipv6.conf.default.forwarding = 0
 
 # Disable IP dynaddr
 net.ipv4.ip_dynaddr = 0
 
+# Enable IPv6 Router Advertisements
+net.ipv6.conf.all.accept_ra = 1
+net.ipv6.conf.default.accept_ra = 1
+
 # Respond to ARP request from incoming interface
 net.ipv4.conf.all.arp_filter = 1
 net.ipv4.conf.default.arp_filter = 1
@@ -93,6 +99,8 @@ net.ipv4.conf.default.arp_notify = 1
 # Disable redirects
 net.ipv4.conf.all.accept_redirects = 0
 net.ipv4.conf.default.accept_redirects = 0
+net.ipv6.conf.all.accept_redirects = 0
+net.ipv6.conf.default.accept_redirects = 0
 
 # Disable sending redirects
 net.ipv4.conf.all.send_redirects = 0
@@ -105,6 +113,8 @@ net.ipv4.conf.default.secure_redirects = 0
 # Disable source route
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.default.accept_source_route = 0
+net.ipv6.conf.all.accept_source_route = 0
+net.ipv6.conf.default.accept_source_route = 0
 
 # Enable source route verification
 net.ipv4.conf.all.rp_filter = 1
@@ -164,14 +174,11 @@ net.ipv4.tcp_synack_retries = 3
 # address, where you want both master and backup to be started eventhough the
 # IP is not yet present. Always leave it to 1. Default: 0
 net.ipv4.ip_nonlocal_bind = 1
+net.ipv6.ip_nonlocal_bind = 1
 
 # How often TCP sends out keepalive messages
 net.ipv4.tcp_keepalive_time = 60
 
-# Disable IPv6, except for loopback
-net.ipv6.conf.all.disable_ipv6 = 1
-net.ipv6.conf.lo.disable_ipv6  = 0
-
 # Restrict use of the IPv6 socket to IPv6 communication
 net.ipv6.bindv6only = 1