pkg icon indicating copy to clipboard operation
pkg copied to clipboard
verified publisher icon freebsd

IPv6 does not work correctly

Open rootwyrm opened this issue 6 years ago • 2 comments

This is an interesting one; immediately obvious when I got truss out. Correctly configured dual-stack environment with fully working DNS. But pkg itself appears to be truncating IPv6 addresses when doing connect() for update and install at minimum. It then attempts to connect to IPv4 but fails to ever connect. The exact same host works fine with pkg -4 update. Note that IPs are sanitized here.

[root@teldrassil ~]# host teldrassil
teldrassil.dragonnorth.pvt has address 10.1.0.30
teldrassil.dragonnorth.pvt has IPv6 address 2001:XXX:ABCD:3130::30
[root@teldrassil ~]# truss -f pkg update
... lots of normal output trimmed ...
14280: fstatat(AT_FDCWD,"/etc/nsswitch.conf",{ mode=-rw-r--r-- ,inode=401804,size=390,blksize=32768 },0x0) = 0 (0x0)
14280: open("/etc/hosts",O_RDONLY|O_CLOEXEC,0666) = 6 (0x6)
14280: fstat(6,{ mode=-rw-r--r-- ,inode=401371,size=1178,blksize=32768 }) = 0 (0x0)
14280: read(6,"# $FreeBSD: releng/12.1/lib/libc"...,32768) = 1178 (0x49a)
14280: read(6,0x800f8d840,32768)                 = 0 (0x0)
14280: close(6)                                  = 0 (0x0)
14280: __sysctl(0x7fffffff9190,0x4,0x0,0x7fffffff92b0,0x0,0x0) = 0 (0x0)
14280: __sysctl(0x7fffffff9190,0x4,0x800f70000,0x7fffffff92b0,0x0,0x0) = 0 (0x0)
14280: socket(PF_INET6,SOCK_DGRAM|SOCK_CLOEXEC,IPPROTO_UDP) = 6 (0x6)
--> 14280: connect(6,{ AF_INET6 [2001:XXX:3130::30]:1 },28) = 0 (0x0) <-- INCORRECT IP
--> 14280: getsockname(6,{ AF_INET6 [2001:XXX:ABCD:3130::30]:31559 },0x7fffffff913c) = 0 (0x0) <-- CORRECT IP
14280: ioctl(6,SIOCGIFAFLAG_IN6,0x7fffffff9190)  ERR#6 'Device not configured'
14280: close(6)                                  = 0 (0x0)
--> IPv4 begins here, just hangs, never times out
14280: socket(PF_INET,SOCK_DGRAM|SOCK_CLOEXEC,IPPROTO_UDP) = 6 (0x6)
14280: connect(6,{ AF_INET 10.1.0.30:1 },16)     = 0 (0x0)
14280: getsockname(6,{ AF_INET 10.1.0.30:17352 },0x7fffffff913c) = 0 (0x0)
14280: close(6)                                  = 0 (0x0)
14280: socket(PF_INET6,SOCK_STREAM,IPPROTO_TCP)  = 6 (0x6)

rootwyrm avatar Feb 09 '20 16:02 rootwyrm

Is this using FTP? Do you get the same issue when running the fetch command to your server? This could be a libfetch bug. If you are using FTP, do you know what FTP server is running? If you are using FreeBSD's ftpd, does running ftpd with the -E flag on / off make any difference?

CandyGumdrop avatar Feb 19 '20 10:02 CandyGumdrop

No, this is just broken IPv6 behavior in pkg.

I have a pure IPv6 system I'm working on. pkg update ignores that the only possible interface is IPv6 and queries for A before puking. fetch and libfetch do it right without having to be told to use IPv6, with the same URL. Fine, pkg -6 update.

pkg then makes a partially broken AAAA query for the specified record, then goes and makes a bunch more broken AAAA queries going down the full search list - both on failure and success. Again, this behavior is not present in libfetch or fetch. Both of these have NO trouble figuring out that they should be using IPv6 because there is no IPv4.

rootwyrm avatar Jul 21 '20 16:07 rootwyrm