Can't browse IPv6 Websites
I am using 20.04 LTS, but suddenly I can't browse websites which has their IP addresses as IPv6, for example (hepsiburada.com).
Even apt update command no longer works, because Launchpad is redirecting to an IPv6 address:
W: Couldn't get http://ppa.launchpad.net/ubuntubudgie/backports/ubuntu/dists/focal/InRelease ppa.launchpad.net:80 (2001:67c:1560:8008::19). - connect (101: Network is unreachable)
Also:
$ ping ipv6.google.com
ping: connect: Network is unreachable
However, I can browse all the other IPv4 websites just fine with no issues.
What could be the issue?
Update: I have identified that the apt issue has ties to HTTPS or a certificate issue, so it sounds like it is not exactly an IPv6 issue. My ISP was found to not support IPv6 addresses. Still, as I said in a comment, I can't browse websites like hepsiburada.com
and yurticikargo.com
and suratkargo.com.tr
, even Google fails to load some times.
/etc/grub/default
:
# If you change this file, run 'update-grub' afterwards to update # /boot/grub/grub.cfg. # For full documentation of the options in this file, see: # info -f grub -n 'Simple configuration' GRUB_DEFAULT=0 GRUB_TIMEOUT_STYLE=hidden GRUB_TIMEOUT=10 GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian` GRUB_CMDLINE_LINUX_DEFAULT="ipv6.disable=1 quiet splash nvme_core.default_ps_max_latency_us=0" GRUB_CMDLINE_LINUX="" # Uncomment to enable BadRAM filtering, modify to suit your needs # This works with Linux (no patch required) and with any kernel that obtains # the memory map information from GRUB (GNU Mach, kernel of FreeBSD ...) #GRUB_BADRAM="0x01234567,0xfefefefe,0x89abcdef,0xefefefef" # Uncomment to disable graphical terminal (grub-pc only) #GRUB_TERMINAL=console # The resolution used on graphical terminal # note that you can use only modes which your graphic card supports via VBE # you can see them in real GRUB with the command `vbeinfo' #GRUB_GFXMODE=640x480 # Uncomment if you don't want GRUB to pass "root=UUID=xxx" parameter to Linux #GRUB_DISABLE_LINUX_UUID=true # Uncomment to disable generation of recovery mode menu entries #GRUB_DISABLE_RECOVERY="true" # Uncomment to get a beep at grub start #GRUB_INIT_TUNE="480 440 1"
/etc/gai.conf
:
# Configuration for getaddrinfo(3). # # So far only configuration for the destination address sorting is needed. # RFC 3484 governs the sorting. But the RFC also says that system # administrators should be able to overwrite the defaults. This can be # achieved here. # # All lines have an initial identifier specifying the option followed by # up to two values. Information specified in this file replaces the # default information. Complete absence of data of one kind causes the # appropriate default information to be used. The supported commands include: # # reload # If set to yes, each getaddrinfo(3) call will check whether this file # changed and if necessary reload. This option should not really be # used. There are possible runtime problems. The default is no. # # label # Add another rule to the RFC 3484 label table. See section 2.1 in # RFC 3484. The default is: # #label ::1/128 0 #label ::/0 1 #label 2002::/16 2 #label ::/96 3 #label ::ffff:0:0/96 4 #label fec0::/10 5 #label fc00::/7 6 #label 2001:0::/32 7 # # This default differs from the tables given in RFC 3484 by handling # (now obsolete) site-local IPv6 addresses and Unique Local Addresses. # The reason for this difference is that these addresses are never # NATed while IPv4 site-local addresses most probably are. Given # the precedence of IPv6 over IPv4 (see below) on machines having only # site-local IPv4 and IPv6 addresses a lookup for a global address would # see the IPv6 be preferred. The result is a long delay because the # site-local IPv6 addresses cannot be used while the IPv4 address is # (at least for the foreseeable future) NATed. We also treat Teredo # tunnels special. # # precedence # Add another rule to the RFC 3484 precedence table. See section 2.1 # and 10.3 in RFC 3484. The default is: # #precedence ::1/128 50 #precedence ::/0 40 #precedence 2002::/16 30 #precedence ::/96 20 #precedence ::ffff:0:0/96 10 # # For sites which prefer IPv4 connections change the last line to # #precedence ::ffff:0:0/96 100 # # scopev4 # Add another rule to the RFC 6724 scope table for IPv4 addresses. # By default the scope IDs described in section 3.2 in RFC 6724 are # used. Changing these defaults should hardly ever be necessary. # The defaults are equivalent to: # #scopev4 ::ffff:169.254.0.0/112 2 #scopev4 ::ffff:127.0.0.0/104 2 #scopev4 ::ffff:0.0.0.0/96 14 precedence ::ffff:0:0/96 100
/etc/sysctl.conf
:
# # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additional system variables. # See sysctl.conf (5) for information. # #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 3 4 1 3 ##############################################################3 # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # See http://lwn.net/Articles/277146/ # Note: This may impact IPv6 TCP sessions too #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4 #net.ipv4.ip_forward=1 # Uncomment the next line to enable packet forwarding for IPv6 # Enabling this option disables Stateless Address Autoconfiguration # based on Router Advertisements for this host #net.ipv6.conf.all.forwarding=1 ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Do not accept ICMP redirects (prevent MITM attacks) #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) #net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not a router) #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets #net.ipv4.conf.all.log_martians = 1 # ################################################################### # Magic system request Key # 0=disable, 1=enable all, >1 bitmask of sysrq functions # See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html # for what other values do #kernel.sysrq=438 net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1
Update 2: So after investigation it turns out this issue has nothing to do with IPv6. Yes my network does not support IPv6 but it looks like I have other issues from my ISP, which has nothing to do with Ubuntu specifically since I am having the same issues on my android phone using the same network.
Thanks for everyone who helped and suggested ideas, and sorry to bother you about a wrong problem.
Solution 1:
A few notes that may help. You would increase your chances of killing the issue if you post prompt feedback.
Possible solutions / things to try
-
EDIT If your computer is portable, try doing the same from a different location. This shows a case with similar symptoms as yours, with hardware as s source of problems. Or you can use you cell phone as USB tethering.
-
EDIT Same as above, from a place with a combination ISP/router that supports IPV6 and has it enabled.
-
Suppress IPV6 (necessary if IPV6 is definitively not available)
1.1. Add
ipv6.disable=1
to the value ofGRUB_CMDLINE_LINUX_DEFAULT
(usually having the value"quiet splash"
) ingrub
. Use$ sudo nano /etc/default/grub <EDIT>, <SAVE> $ sudo update-grub
1.2. Reboot.
-
Suppress IPV6. Append to
/etc/gai.conf
the following line:precedence ::ffff:0:0/96 100
or uncomment it if it exists.
-
Suppress IPV6 (source). Use (I am not sure the last command is needed)
$ sudo nano /etc/sysctl.conf <EDIT>, <ADD LINES BELOW>, <SAVE> net.ipv6.conf.all.disable_ipv6 = 1 net.ipv6.conf.default.disable_ipv6 = 1 net.ipv6.conf.lo.disable_ipv6 = 1 $ sudo sysctl --load $ sudo systemctl restart networking
-
Suppress IPV6 only for
apt-get
. Add-o Acquire::ForceIPv4=true
when runningapt-get
. Or make it permanent as in here.
Extra helpful info
Please post in the question the output of the following commands
cat /etc/default/grub
cat /etc/gai.conf
cat /etc/sysctl.conf
-
EDIT
cat /etc/apt/sources.list
-
EDIT
inxi -N
-
EDIT
lspci -knn | grep Net -A2
Please add info on the following points
- You mention "suddenly I can't browse websites which has their IP addresses as IPv6". Were you able to browse those same sites before? With the same software and hardware that you currently cannot? Can you identify any change in between?
- EDIT Brand/model of your computer.
- EDIT Outcome of (renumbered) items 1 and 2 above.
Related
- Error 101: Network is unreachable when trying to update
Solution 2:
Try removing iface eth0 inet dhcp
and iface eth0 inet6 dhcp
from /etc/network/interfaces
. Network Manager will receive an IPv6 address if it is available.
If you have to use manual configuration in /etc/network/interfaces, the correct setting for IPv6 will be iface eth0 inet6 auto
since in many cases DHCPv6 is not used on a router. The most common is SLAAC configuration.