[arch-general] iptutils 20150815.1b5d03a-2 and ipv4-only system
Hi, I noticed that ping in [testing]/iputils does not work on systems with disabled IPv6 stack. For example (as root): ---------- # ping archlinux.org ping: socket: Operation not permitted (raw socket required by specified options). # cat /proc/cmdline BOOT_IMAGE=../vmlinuz-linux ... ipv6.disable=1 ... # pacman -Qo ping /usr/bin/ping is owned by iputils 20150815.1b5d03a-2 # getcap /usr/bin/ping /usr/bin/ping = cap_net_raw+ep ---------- I tried playing with cmdline options, without any success. ping from [core]/iputils 20140519.fad11dc-1 does work. Is this a bug or a feature, and does anyone know how to make ping work again? Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Tue, 8 Sep 2015 14:14:31 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu> wrote:
I tried playing with cmdline options, without any success. ping from [core]/iputils 20140519.fad11dc-1 does work. Is this a bug or a feature, and does anyone know how to make ping work again?
You could create an ip6table firewall that just drops most things and leave ipv6 enabled in the kernel. -- Joakim
Tue, 8 Sep 2015 14:14:31 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu>:
Is this a bug or a feature, and does anyone know how to make ping work again?
Have you tried 'ping -4'? Yes, it's undocumented. --byte
[replying to both emails] On Wed, Sep 09, 2015 at 12:11:29PM +0200, Joakim Hernberg wrote:
On Tue, 8 Sep 2015 14:14:31 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu> wrote:
I tried playing with cmdline options, without any success. ping from [core]/iputils 20140519.fad11dc-1 does work. Is this a bug or a feature, and does anyone know how to make ping work again?
You could create an ip6table firewall that just drops most things and leave ipv6 enabled in the kernel.
All networks on which I have Arch machines are IPv4-only. So I don't need IPv6...
--
Joakim
On Wed, Sep 09, 2015 at 01:49:34PM +0200, Jens Adam wrote:
Tue, 8 Sep 2015 14:14:31 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu>:
Is this a bug or a feature, and does anyone know how to make ping work again?
Have you tried 'ping -4'? Yes, it's undocumented.
Yep :( ---------- # ping -4 google.com ping: socket: Operation not permitted (raw socket required by specified options). # ping -N ipv4 google.com ping: socket: Operation not permitted (raw socket required by specified options). ---------- Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Wed, 9 Sep 2015 11:35:27 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu> wrote:
All networks on which I have Arch machines are IPv4-only. So I don't need IPv6...
I'm not a network expert and don't need ipv4 either, but afaik disabling ipv6 with a kernel boot flag is not recommended and one can expect breakage... The ip6table firewall was my solution when I ran into it a while ago. -- Joakim
On Wed, Sep 09, 2015 at 08:04:37PM +0200, Joakim Hernberg wrote:
afaik disabling ipv6 with a kernel boot flag is not recommended and one can expect breakage...
Why? Where is it written? Sure, I don't expect ipv6-specific software to work on my system but the ipv4 stack is fully functional. Thanks, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
On Wed, 9 Sep 2015 14:46:25 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu> wrote:
On Wed, Sep 09, 2015 at 08:04:37PM +0200, Joakim Hernberg wrote:
afaik disabling ipv6 with a kernel boot flag is not recommended and one can expect breakage...
Why? Where is it written?
I'm sorry, I can't find the links anymore. Maybe it's outdated info. Archwiki warns about possible breakage with individual progs though. https://wiki.archlinux.org/index.php/IPv6#Disable_IPv6 -- Joakim
On 10-09-2015 11:06, Joakim Hernberg wrote:
On Wed, 9 Sep 2015 14:46:25 -0600 Leonid Isaev <leonid.isaev@jila.colorado.edu> wrote:
On Wed, Sep 09, 2015 at 08:04:37PM +0200, Joakim Hernberg wrote:
afaik disabling ipv6 with a kernel boot flag is not recommended and one can expect breakage...
Why? Where is it written?
I'm sorry, I can't find the links anymore. Maybe it's outdated info.
Archwiki warns about possible breakage with individual progs though.
It warns about possible breakage if you leave the ipv6 line for localhost in /etc/hosts, nowhere in the wiki it says that you can have breakage if you disable ipv6 and do everything right. On the other hand, if one uses networks that are ipv4 only I'd say it is better to disable ipv6 because when leaving it enabled sometimes it causes hard to track connectivity problems. -- Mauro Santos
participants (4)
-
Jens Adam
-
Joakim Hernberg
-
Leonid Isaev
-
Mauro Santos