# Forcing pkg bootstrap to use IP4 not IPv6



## dvl@ (Dec 28, 2020)

I am trying to persuade `pkg` on FreeBSD 12.2 to use IP4 when doing a bootstrap. I have 'IP_VERSION: 4' in /usr/local/etc/pkg.conf but tcpdump proves `pkg` is trying via IPv6.

Attempts to specify IP4 on the command line do not accomplish the goal either:

`env ASSUME_ALWAYS_YES=YES IP_VERSION=4 pkg bootstrap -f`

Via `tcpdump` I can see the outgoing connections to port 80.

edit: this is being run in a jail.


----------



## ljboiler (Dec 28, 2020)

Isn't the command-line option `-4` or `-6`?


----------



## dvl@ (Dec 28, 2020)

Yes, yes it is.  I have tried them too.

It also seems to be pkg(7) not pkg(8)

see pkg.conf() for references to `IP_VERSION`


----------



## al mello (Dec 28, 2020)

I'm also experiencing problems with pkg and, after seen your post - thanks! - i've disabled IPv6 on my server and pkg worked fine. Do we know what could be causing this IPv6 request to fail? I don't need IPv6 on my server at this moment, but will soon after the planned VMs are up and configured.


----------



## dvl@ (Dec 28, 2020)

In my case, it's routing.  There is no public IPv6 route out.  Only local IPv6.


----------



## SirDice (Dec 29, 2020)

The /usr/sbin/pkg is pkg(7) and is the bootstrap. It uses various functions from fetch(3). It will just use whatever address DNS provides, which could be an IPv6 address. As far as I can tell there's nothing in the code to limit this to IPv4 or IPv6. 

As long as the DNS requests don't provide IPv6 addresses it should be fine. But there's nothing in resolv.conf(5) that could be used for this. If you use unbound (or some other DNS provider) you could limit it there (this would also fix any other type of connection as those could fail to connect on IPv6 too). 

Probably the best way in this case is to use ip6addrctl(8), you can enable it from /etc/rc.conf:

```
ip6addrctl_enable="YES"
ip6addrctl_policy="AUTO"
```
You can add your preferences in /etc/ip6addrctl.conf.


----------



## dvl@ (Dec 29, 2020)

Not stated: this is being run in a jail.


----------



## ucomp (Dec 29, 2020)

did you try 
`sysctl -w net.inet6.ip6.v6only = 0` 
?


----------



## dvl@ (Dec 29, 2020)

ucomp said:


> sysctl -w net.inet6.ip6.v6only = 0


Yes, that has no affect. It still tries IPv6.


----------



## dvl@ (Dec 29, 2020)

SirDice said:


> You can add your preferences in /etc/ip6addrctl.conf.


That file is remarkably undocumented from what I failed to find. :/

For now, when I need to `pkg bootstrap`, I will comment out the [FONT=courier new]ip6[/FONT] lines in /etc/jail.conf

I did this this:


```
ip6addrctl_enable="YES"
ip6addrctl_policy="ipv4_prefer"
```

Followed by `sudo service ip6addrctl start`

The jail still prefers IPv6 for `pkg bootstrap`.


----------



## tingo (Dec 29, 2020)

Time to write a problem report?


----------



## dvl@ (Dec 29, 2020)

tingo said:


> Time to write a problem report?


See PR 252270


----------

