Nebula will not start on ipv4-only host #467
Comments
|
I had the same problem on a host, worked after re-enabling ipv6. |
On some systems, IPv6 is disabled (for example, CIS benchmark recommends to disable it when not used), but currently all UDP connections are using AF_INET6 sockets. When we are binding AF_INET6 socket to an address like ::ffff:1.2.3.4 (IPv4 addresses are parsed by net.Listen this way), we can't send or receive IPv6 packets anyway, so this will not break any scenarios. Fixes slackhq#467
|
@jilyaluk thanks for the PR. I hope the Nebula team will merge it. |
|
facing same issue, ipv6 is disabled for security, unable to use nebula |
On some systems, IPv6 is disabled (for example, CIS benchmark recommends to disable it when not used), but currently all UDP connections are using AF_INET6 sockets. When we are binding AF_INET6 socket to an address like ::ffff:1.2.3.4 (IPv4 addresses are parsed by net.Listen this way), we can't send or receive IPv6 packets anyway, so this will not break any scenarios. Fixes slackhq#467
On some systems, IPv6 is disabled (for example, CIS benchmark recommends to disable it when not used), but currently all UDP connections are using AF_INET6 sockets. When we are binding AF_INET6 socket to an address like ::ffff:1.2.3.4 (IPv4 addresses are parsed by net.Listen this way), we can't send or receive IPv6 packets anyway, so this will not break any scenarios. Fixes slackhq#467
|
@nbrownus @wadey @rawdigits @johnmaguire |
|
can this be merged? We want to use this tool but are unable to due to ipv6 requirements |
|
Same here. Please allow option to disable ipv6 sockets. |
1 similar comment
|
Same here. Please allow option to disable ipv6 sockets. |
|
Hi @Savemech - we're aware of the issue with IPv4-only hosts and have plans to resolve the issue. Unfortunately we don't have an ETA at this time. The best way to help us prioritize this is to let us know you're affected by voting on the original post with a 👍 reaction. |
Supposedly fixes issue 467 (slackhq#467)
|
Just ran into the same issue on an embedded platform, it's been a year since the last update. Is there any timeline for when that PR might land? What's the blockers for #506? |
Supposedly fixes issue 467 (slackhq#467)
|
I have the same issue right now |
johnmaguire
added
the
NeedsFix
wadey
removed
the
NeedsFix
|
This has been fixed with #787 |
Hello,
Is it a hard requirement that ipv6 be available on all hosts running nebula as of v1.4.0? I started upgrading one of my lighthouses to v1.4.0, only to find that nebula would crash out when starting up due to "unable to open socket: address family not supported by protocol".
I had that host set to have ipv6.disable=1 within its GRUB configuration, and after changing the GRUB entry to remove the ipv6 flag, nebula was able to start fine after the reboot, and the UDP listener binded to [::ffff:0.0.0.0] just fine. Afterwards I also explicitly disabled ipv6 on all interfaces but loopback, and nebula also started up fine in that scenario. It seems it's just looking to ensure that the ipv6 kernel module is loaded?
I saw some discussions about ipv6 in other issues, as well as the PR below, but nothing made it sound like ipv6 was now a hard requirement.
#369
Thank you.
The text was updated successfully, but these errors were encountered: