Disable & Turn Off IPv6 Support in Windows 10 / 8.1 / 8 / 7 / Vista

»»»Disable & Turn Off IPv6 Support in Windows 10 / 8.1 / 8 / 7 / Vista
IPv6 (Internet Protocol version 6) is the successor for IPv4, the current version of most popular network layer protocol for packet-switched inter-networks used on the Internet. Beginning from Windows Vista, IPv6 is fully implemented and supported, is also installed and enabled by default, with full Internet Protocol security (IPsec) support for IPv6 traffic and Teredo tunneling support for non-IPv6 aware devices.

IPv6 is not common yet, as most software, routers, modems, and other network equipment does not support the emerging and future-proof protocol yet. Beside, turning off IPv6 support does not affect the functionality of Internet browsing for average users. Thus IPv6 and/or Teredo can and (quite likely) should be disabled if it’s not in use to conserve system resources such as network bandwidth.

Unlike Windows XP, IPv6 in Windows Vista, Windows 7, Windows 8, Windows 8.1, Windows 10 and their server equivalent or later cannot be uninstalled, according to Microsoft. However, IPv6 can be disabled. The following guide will allow users to disable IPv6 on a specific connection of a network interface card.

  1. Go to Network Connections folder (In Windows Vista, click on Start button, then go to right click on Network, select Properties, then click on Manager network connections on Tasks pane; In Windows 7, click on Start button, then go to Control Panel -> Network and Internet -> Network and Sharing Center, and select Change adapter settings on the right pane; In Windows 10, Windows 8.1 and Windows 8, open Win-X Quick Access menu, and select Network Connections.
  2. You should see various LAN, WAN, wireless, Bluetooth, high speed Internet, virtual Ethernet adapter, and other network connections available on the Windows computer with the network adapter description. Right click on the network connection that you want to disable the IPv6 interface and select Properties.

    Click “Continue” or “OK” on User Access Control permission request prompt if applicable.

  3. Clear the check box next to the Internet Protocol version 6 (TCP/IPv6) component in the list under “This connection uses the following items” box.

    Disable IPv6

  4. Click OK when done.
  5. To re-enable IPv6, tick back the check box.

This method disables IPv6 on the particular network interface and connection. For other network adapter or connection, users have to repeat the steps to disable IPv6. Beside, disable IPv6 on specific network connection also does not disable IPv6 on tunnel interfaces or the IPv6 loopback interface.

It’s also possible to disable IPv6 and/or Teredo via Windows system registry, which has the advantage to have the IPv6 policies applied to all network adapters. The registry settings also allow users to selectively disable components and configure behaviors for IPv6 in Windows operating system.

  1. Open Registry Editor (regedit).
  2. Navigate to the following registry key branch:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tcpip6\Parameters\
  3. Create the following registry value (DWORD 32-bit Value):

    DisabledComponents

    Note that the name must be exactly as shown, including capitalization. DisabledComponents is set to 0 by default.

  4. The DisabledComponents registry value is a bit mask that controls a series of flags, starting with the low order bit (Bit 0). To determine the value of DisabledComponents for a specific set of bits, the process is complicated, where hexadecimal value is calculated from binary number of the bits in correct position. For convenient, the following table lists some common configuration combinations and the corresponding DWORD value of DisabledComponents.
    Configuration combinationDisabledComponents value
    Re-enable all IPv6 components0
    Disable IPv6 on all tunnel interfaces (Intra-Site Automatic Tunnel Addressing Protocol [ISATAP], 6to4, and Teredo)0x01
    Disable 6to40x02
    Disable ISATAP0x04
    Disable Teredo0x08
    Disable Teredo and 6to40x0A
    Disable IPv6 on all nontunnel interfaces (LAN and PPP [Point-to-Point Protocol])0x10
    Disable all IPv6 on all LAN, PPP and tunnel interfaces except for the IPv6 loopback interface.0x11
    Prefer IPv4 over IPv6 (change entries in the prefix policy table)0x20
    Disable all IPv6 components over all interfaces (except the IPv6 loopback interface) and prefer IPv4 to IPv60xFF

    As seen from table above, to disable IPv6 support globally on all interface, set the value data for DisabledComponents to 000000FF, or simply FF (in hexadecimal). The registry entry will look like below:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters]
    "DisabledComponents"=dword:000000ff
    
    If you prefer to work with Command Prompt (running as Administrator), run the following command:

    reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters /v DisabledComponents /t REG_DWORD /d 0x000000FF

    Replace the value of 0x000000FF (with disable IPv6 totally) with applicable value that you prefer.

  5. Restart the computer for changes to take effect.
  6. To revert and enable IPv6, delete DisabledComponents registry key or set its registry value to 0.

Update: More ways available to disable Toredo for IPv4 and IPv6 bridge.

About the Author:

LK is a technology writer for Tech Journey with background of system and network administrator. He has be documenting his experiences in digital and technology world for over 15 years.

Connect with LK through Tech Journey on Facebook, Twitter or Google+.

  • Anon124

    Unfortunately, this doesn't actually disable IPv6, it just turns off some of its features.

    Try using process explorer and viewing service host after you've disabled IPv6 in this fasion. You will likely see at least 1 IPV6 listener.

    Governments are trying to use IPv6 to regain control of the internet (whilst reminding the people ONLY of the IP shortage and touting the "anti-crime" aspect). Where as, infact, its just control they want, for profit, for power (well, I guess they are "government" lol). So, track, trace, control.. My advice use Linux, or use Linux as a software firewall and find a packet filter which can recognise and scrub IPv6 packets (ahhh :)).

    That or just put up with it.

  • Raven

    I think Anon124 is probably right – though I'm going to try this for the 30 billionth time anyway, adding the registry thing, which I have just learned about here, and see if it works that way.

    I have been fighting hackers for years and just discovered that HUGHESNET had been turning off mt Firewalls and Antiviruses so that they could use my PC connection as a server!!

    (I have solid proof of this if anyone is interested in seeing it)

    I had had all the exact same kinds of problems when with Mid Rivers and they wouldn't do anything about it. That's why we went to HughesNet. However, they wouldn't do anything about it either. After trying everything I could over 10 months, a HughesNet employee who called himself "Jimmy" told my Mother that it had been THEM who had been disabling our security software!!!

    Anyway, whatever I have ever tried has never worked and now I know why, and it all finally makes sense. Comparing the events that happened with HN, with the events that happened with MR, it was plain to see why we thought "hackers" had been messing with our software when we were with MR as well…

    It really should be illegal for ISPs to turn off peoples' security and leave them open for attacks so that they can be used to extend the ISP's own networks!

    I left HughesNet for the same reason I left Mid Rivers, and went to another ISP under a different registrar. After 2 from the same registrar had acted in the same ways, I was not about to risk seeing if it was a registrar-wide policy or just a company one.

    Unfortunately, our computer seems to still be getting caught up on the same "local network" so I am trying to find a way around that. I could never find anyone that knows enough about this stuff to help me. Till I do, I'll try disabling the IPv6 again, and I haven't tried disabling the tunnels yet so we will see how that goes, too. I was looking up info about 0.0.0.0 because I was on it with MR, HN, and now still am.

    Is this a "Network Solutions" thing and impossible to get away from? Or is there a way to configure a direct route to get online and bypass the creeps on the local network who hack us?

    Thanks – to all of you who are kind enough to offer info and advice to us who need it badly and cannot afford a consultant…

    Your friend

    Raven

  • Gerardo Linero

    I've applied this to Windows 7 (RC). It works, but has strange effects:

    1) The task bar changed its background colour.

    2) I got the message: "This copy of Windows is not genuine". This changed back to normal ("Evaluation copy") when I opened the computer properties.

    Other than that, it seems to be working OK.

  • Pingback: KTH/DSV New IPv6 Wireless < blog@AndreiNeculau()

  • JAKD

    What Raven is saying about HughesNet "turning off" a firewall and antivirus makes no sense at all. For another party to gain access to a PC shell, that person would need to be logged in. If simply anyone could turn off certain services from remote…then the user has larger problems…most likely a lack of knowledge…

  • Michael

    Hi, I have figured that a few places explain how to switch off IPv6 as it's not being used at the moment anyway.

    But nobody has explained so far, what the advantage of switching that off.

    What's the point ?

    Thanks

  • Disgruntled User

Pin It on Pinterest

Share This

Share This

Share this post with your friends!