Is it safe to disable IPv6 on my Debian server?

Solution:

Solution 1:

No, do not disable IPv6. It breaks things, turns users without v4 away, and makes more work for your future project to use IPv6.

A host with only IPv4 addresses and routes will serve web sites just fine without doing anything. v4 and dual stack hosts can still get to it.

You cite forum posts circa 2008. And even then disabling IPv6 was an uninformed shot in the dark, I see no v6 in use in their terminal output. Further, in the time since, IPv6 has gone from early adopters to mature and widely deployed.

Use web site performance analytics to measure what is slow. Tools exist to simulate real user load on a slow connection, or to instrument actual user performance in their browser. Use F12 browser developer tools, for example. Prove exactly which requests. Then trace requests through your web server stack and see what is involved in serving it.

Solution 2:

If IPv6 is misconfigured on your server, then it not only could be part of the problem, but it probably isn't serving anybody anyhow. A scan of the web server logs or a bit of network monitoring should show how many endusers, if any, are using IPv6 to reach you. If there seem to be few or none, then the diagnostic benefit of running without it for a trial period likely outweighs the cost. And if that fixes it, then conclude that there's some misconfiguration in your ipv6 setup that ought to be addressed.

I've had direct involvement with two incidents in which misconfigured ipv6 caused very significant performance issues. In both cases (and I'm going to go light on details) IPv6 appeared to be running, so applications attempted to use it, but it wasn't being properly routed, so the traffic timed out. A timeout for, say, a dns lookup on every mail message or every web request will kill performance for sure.

Swearing off IPv6 completely is a bit Luddite. The moral is: if it's enabled, make sure it's properly configured.