amazon-eks-ami icon indicating copy to clipboard operation
amazon-eks-ami copied to clipboard

Published 20 hours ago verified publisher icon awslabs

IPv6 should be disabled by default

Open raonitimo opened this issue 4 years ago • 2 comments

What would you like to be added: Disable IPv6 in worker nodes by default

Why is this needed: There's no point having it enabled until https://github.com/aws/containers-roadmap/issues/835 is implemented

raonitimo avatar Apr 20 '20 14:04 raonitimo

@raonitimo Could you please share some details on what's the issue you are facing and how it is affecting the workloads.

If you are referring to /proc/sys/net/ipv6/conf/all/disable_ipv6 flag, then its a kernel level property and unless the runtime is containerd on k8s version 1.21, workload shouldn't be impacted. Please let us know if our understanding is incorrect.

ravisinha0506 avatar Dec 23 '21 21:12 ravisinha0506

@ravisinha0506 Could you please share some impact details as mentioned in your post above if running with containerd runtime on K8s version 1.21 and Ipv6 enabled on hosts? We use tc to do a network chaos experiment by blocking the traffic from our pods. We have seen that once we block the TCP traffic for external dependency, the client pods make a connection using tcp6 for which we have not yet been able to figure out how to block tcp6 traffic using tc.

rahul656 avatar Apr 13 '22 08:04 rahul656