nipennem
n00b
Joined: 29 Jul 2011
Posts: 3
|
 Posted: Mon Aug 22, 2011 6:05 pm Post subject: [SOLVED] Binding to IPv6 addresses fails at boot time |
 |
|
Hi,
Recently set up a machine which will serve as LAN file server with Gentoo.
I have two servers on the Internet with IPv6 available, but I am not using IPv6 for anything yet. Of course I'd like to test IPv6, and I figured at good starting point would be my LAN, and not a 'production' server. So I've set up IPv6 on my LAN file server, and I've given it a static IP address in the fd00::/8 range.
I've also set up my desktop with IPv6, on the same LAN. IPv6 connectivity between the two machines is working fine. I've tested this by using ping6 from each side. Since I was running OpenSSH on the file server with the default configuration, it was also available over IPv6, and it worked fine too. I also tested Apache and Samba in the same way.
The next steps were to
- configure sshd to listen on that specific IPv6 address;
- start sshd at boot.
I did the very same thing for Apache.
After a reboot, the following happens:
- The networking init script runs and succesfully adds one IPv4 and one IPv6 address to my one and only network interface eth0 -- so far so good.
- sshd starts, apparently succesfully.
- Apache starts, complains that it cannot bind to my IPv6 address, and stops.
In the end, neither sshd nor Apache is running. The output of | Code: | | /etc/init.d/sshd status |
is "crashed". In the logs, sshd says "Caught signal 15; quitting". Apache says nothing in its logs (default configuration there).
When I then start sshd and Apache manually, they just... work.
OpenRC log (parallel off)
| Code: |
rc boot logging started at Mon Aug 22 20:15:17 2011
* Setting system clock using the hardware clock [UTC] ...
[ ok ]
* Autoloaded 0 module(s)
* Checking local filesystems ...
/dev/sda2: clean, 296123/30908416 files, 3214161/123633100 blocks
/dev/sda1: clean, 205/8192 files, 22646/32768 blocks
[ ok ]
* Remounting root filesystem read/write ...
[ ok ]
* Updating /etc/mtab ...
[ ok ]
* Mounting local filesystems ...
[ ok ]
* Configuring kernel parameters ...
[ ok ]
* Creating user login records ...
[ ok ]
* Cleaning /var/run ...
[ ok ]
* Wiping /tmp directory ...
[ ok ]
* Loading ALSA modules ...
[ ok ]
* Restoring Mixer Levels ...
[ ok ]
* Setting hostname to blikman ...
[ ok ]
* Setting terminal encoding [UTF-8] ...
[ ok ]
* Setting keyboard mode [UTF-8] ...
[ ok ]
* Loading key mappings [be-latin1] ...
[ ok ]
* Bringing up interface lo
* 127.0.0.1/8 ...
[ ok ]
* Adding routes
* 127.0.0.0/8 via 127.0.0.1 ...
[ ok ]
* Mounting misc binary format filesystem ...
[ ok ]
* Activating swap devices ...
[ ok ]
* Initializing random number generator ...
[ ok ]
rc boot logging stopped at Mon Aug 22 20:15:22 2011
rc default logging started at Mon Aug 22 20:15:22 2011
* Starting up RAID devices ...
[ ok ]
* Starting metalog ...
[ ok ]
* Starting acpid ...
[ ok ]
* Bringing up interface eth0
* 172.17.2.9/24 ...
[ ok ]
* fddf:dead:beef::1/48 ...
[ ok ]
* Adding routes
* default via 172.17.2.1 ...
[ ok ]
* Mounting network filesystems ...
[ ok ]
* Starting sshd ...
[ ok ]
* Starting apache2 ...
[Mon Aug 22 20:15:23 2011] [warn] NameVirtualHost fddf:dead:beef::1:80 has no VirtualHosts
(99)Cannot assign requested address: make_sock: could not bind to address [fddf:dead:beef::1]:80
no listening sockets available, shutting down
Unable to open logs
[ !! ]
* ERROR: apache2 failed to start
* Starting ntpd ...
[ ok ]
* samba -> start: smbd ...
[ ok ]
* samba -> start: nmbd ...
[ ok ]
* Doing udev cleanups
* Starting vixie-cron ...
[ ok ]
* Starting local
[ ok ]
rc default logging stopped at Mon Aug 22 20:15:35 2011
|
Any ideas?
EDIT: solution provided by Steven Chamberlain
As pointed out at http://pyro.eu.org/how-to/micro/nginx-cannot-assign-requested-address-ipv6.txt, this is a generic problem when addresses that are added are still tentative. The solution posted there is not immediately usable with OpenRC, but can be easily adapted.
If you have iproute2, the following postup script does magic (this script should be added to /etc/conf.d/net; see net.example for more info on postup etc.):
| Code: |
postup()
{
SECONDS_WAITING=0
TIMEOUT=20
while ip -6 -o addr show dev ${IFACE} tentative | grep -q ' scope global '; do
sleep 1
((SECONDS_WAITING=SECONDS_WAITING+1))
if [ $SECONDS_WAITING -ge $TIMEOUT ]; then
echo "Warning: globally scoped IPv6 addresses still tentative on interface ${IFACE} after ${SECONDS_WAITING} seconds; continuing..."
break
fi
done
}
|
It will wait up to TIMEOUT seconds for all global IPv6 addresses to leave tentative state on any interface that's brought up. Link-local addresses are not considered; if you need them change 'scope global' to . (just a dot, no quotes). |
|
Networking & Security
