My workaround for leaking IPv6, with symptom of acting like your not on your intended VPN network, you need to workaround this with a separate profile in NetworkManager. You can of course just make this profile your main profile if you don’t ever want IPv6.
Note: VPN is perfectly capable of working over IPv6 too, but perhaps your work/school doesn’t have IPv6.
The least effort way for me was to create an “LANv4” profile in NetworkManager, with the following options:
- General > UNCHECK “Automatically connect to this network when it is available”
- IPv6 Settings > Method: Ignore
Now when I want to connect to VPN it’s three steps
- In Ubuntu desktop toolbar, Disable networking, Enable Networking
- select LANv4
- Connect to VPN
Verify no IPv6 on VPN
It is possible to disable IPv6 persistently by adding to
/etc/sysctl.conf the line
net.ipv6.conf.all.disable_ipv6 = 1
but I want to use IPv6 most of the time.