Why yum resolve dl.google.com to an IPv6 address?
Solution 1
By default, yum will resolve both IPv4 & IPv6 addresses of host/domain name, see the wireshark screenshot below (I don't know python program, so network traffic capture is the only way to find out how yum resolve host name).
To resolve IPv4 address only, just add ip_resolve=4
or ip_resolve=ipv4
config to yum.conf
(see man yum.conf
for more help). For Fedora, execute the following command from terminal using root account:
echo "ip_resolve=4" >> /etc/yum.conf
To resolve IPv6 address only, change ip_resolve=4
above to ip_resolve=6
.
Other programs
wget
and curl
# To resolve IPv4 address only
wget -4
curl -4
# To resolve IPv6 address only
wget -6
curl -6
host
host
also have -4
and -6
options, but they don't have same meaning wget & curl, they force host
to use IPv4/IPv6 transport to query host name.
# To resolve IPv4 address only
host -t A
# To resolve IPv6 address only
host -t AAAA
Solution 2
= EDIT =
It turns out yum
was correctly trying both ipv4 and ipv6. And the dns resolver in glibc correctly detected that your computer does not have a routable ipv6 address, so it preferred the ipv4 address. However glibc still returned the ipv6 address. It it just put the ipv6 address at the bottom of the preference list.
So yum
tried the ipv6 address last. Unfortunately, it seems that yum
only showed the last error. So yum
only showed the error for ipv6 - which you already expected would fail! - and did not show what the error was for ipv4.
= Previous answer - which was completely wrong about the problem =
I don't know about yum. The error sounds like it's missing an implementation of Happy Eyeballs, i.e. fallback to ipv4. There is an ipv6 address...
$ host dl.google.com dl.google.com is an alias for dl.l.google.com. dl.l.google.com has address 173.194.34.132 ...many randomly permuted addresses... dl.l.google.com has address 173.194.34.137 dl.l.google.com has IPv6 address 2a00:1450:400c:c06::5d
Apparently there is a workaround for when this goes wrong, which is to edit /etc/gai.conf and uncomment the line precedence ::ffff:0:0/96 100
. This gives precedence to ipv4 addresses.
I think normally it should just work. You'll have a link-local ipv6 address, but a site-local ipv4 address (or a public one without NAT). The libc DNS resolver should then prefer ipv4 destinations. This is specified in RFC 3484.
I wonder if this is a Teredo-style problem. Has your router (e.g. an Apple Airport) assigned you a global IPV6 address through an unreliable tunnel? My computer (no global ipv6) looks like this:
$ ip addr |grep inet6 inet6 ::1/128 scope host inet6 fe80::215:afff:fe9f:fcd2/64 scope link
Solution 3
You can completely disable IPv6 by adding
net.ipv6.conf.all.disable_ipv6 = 1
to a file in /etc/sysctl.d
, for example /etc/sysctl.d/disable-ipv6.conf
.
Related videos on Youtube
LiuYan 刘研
// unsigned char *p; // Map<String,Object> map; -- SELECT Name FROM ab -- INNER JOIN cdr ON ab.PhoneNumber=cdr.PhoneNumber /* pre {font-family: 'Ubuntu Mono';} */ <!-- <pre>&copy; right?</pre> --> // function f() {} # echo -e "your message:\n$(fortune)" | \ # gpg -e --clearsign -o - -r [email protected] REM if ""%1"" == """" goto default ; exten => 911,1,Answer() svn commit -m "to be continue"
Updated on September 18, 2022Comments
-
LiuYan 刘研 almost 2 years
I installed Google chrome browser on Fedora 18. Now when I try update softwares using
yum upgrade
, it report the following error and I can't get chrome updated.http://dl.google.com/linux/chrome/rpm/stable/x86_64/repodata/repomd.xml: [Errno 14] curl#7 - "Failed to connect to 2404:6800:4005:c00::88: Network is unreachable"
It looks like dl.google.com is resolved to an IPv6 address, but I don't use IPv6, and
ping dl.google.com
returns an IPv4 address as expected.# ping dl.google.com PING dl.l.google.com (74.125.128.93) 56(84) bytes of data.
What's the possible reason, and how can I fix this?
-
Admin over 11 yearsNot sure about other implementations of ping, but at least the ping from
iputils
only uses IPV4,ping6
uses IPv6.
-
-
LiuYan 刘研 over 11 yearsweird,
yum provides "/etc/gai.conf"
said it's inglibc
package, I've already installed glibc, but I don't havegai.conf
file under/etc
. This's agai.conf
file under/usr/share/doc/glibc-common-2.16
which comes fromglibc-common
package -
LiuYan 刘研 over 11 yearsmy router is TP-Link WRT841N, it only understand IPv4.
ip addr
shows inet6 entries, but they're already there before (i probably refuse to use IPv6 in my life, i don't need it). -
LiuYan 刘研 over 11 yearscreated
/etc/gai.conf
manually with the following content:reload yes
precedence ::ffff:0:0/96 100
, but i still got same error -
LiuYan 刘研 over 11 yearswell, i added this config, restart computer, and
ip addr
does not show inet6 entries anymore, but the error still occurs. -
LiuYan 刘研 almost 11 yearsthe actual reason is our "great firewall" blocked the ip addresses which resolved by the DNS server, so yum (or the backend libcurl?) may try every IPv4 address until the last IPv6 address failed to connect. I'll choose this answer which closest to the reason. after an IP address of dl.google.com which is not blocked by GFW to /etc/hosts, 'yum update' works fine now.
-
user2948306 almost 11 years@LiuYan刘研, that explanation about Yum's behaviour seems quite useful to me. It would be nice to have it as an answer - I would upvote it :). I expect there are more scenarios where google.com IPs would be inaccessible, beyond the content filtering applied by one particular nation.
-
LiuYan 刘研 over 10 yearsjust added my answer with wireshark screenshot.