Recently I installed a Debian 7 VPS on Linode and as first thing I wanted to do an update of the system, but I found a small problem in doing this :
# apt-get update 0% [Connecting to ftp.us.debian.org (2610:148:1f10:3::89)] [Connecting to security.debian.org (2607:ea00:101:3c0b:207:e9ff:fe00:e595)] Get:1 http://ftp.us.debian.org wheezy Release.gpg [1,672 B] ... Get:15 http://security.debian.org wheezy/updates/main Translation-en [56.6 kB] Fetched 16.3 MB in <strong>4min 0s</strong> (67.5 kB/s) Reading package lists... Done
So 4 minutes to just update my repositories (and I had just the default for a Debian 7 just installed), this is due to the fact that linode VPS are IPV6 ready and so the servers of this company try to connect to security.debian.org via its IPv6 address by default when running
apt-get update, and that results in having to wait for a lengthy timeout whenever you try to download updates of any sort.
But luckily change the system so apt-get will use IPV4 it’s not so hard.
Let’s say that we have the server name security.debian.org these are all the IPs associated with that name on the DNS:
# host security.debian.org security.debian.org has address 184.108.40.206 security.debian.org has address 220.127.116.11 security.debian.org has address 18.104.22.168 security.debian.org has IPv6 address 2607:ea00:101:3c0b:207:e9ff:fe00:e595 security.debian.org has IPv6 address 2001:4f8:8:36::6 security.debian.org mail is handled by 10 chopin.debian.org.
As you can see this name has both ipv4 and ipv6 addresses, to check which address are you using by default you can use the
telnet command on port 80 (http)
# telnet security.debian.org 80 Trying 2607:ea00:101:3c0b:207:e9ff:fe00:e595...
What we want to do now it’s tell to
apt-get to use as precedence the ipv4 address, and to do this you can change the file
/etc/gai.conf, from it’s man page:
NAME gai.conf - getaddrinfo(3) configuration file DESCRIPTION A call to getaddrinfo(3) might return multiple answers. According to RFC 3484 these answers must be sorted so that the answer with the highest success rate is first in the list. The RFC provides an algorithm for the sorting. The static rules are not always adequate, though. For this reason the RFC also requires that system administrators get the chance to dynamically change the sorting. For the glibc implementation this can be achieved with the /etc/gai.conf file.
Now to make it shorter I’ll tell you that you have to add at the bottom of the file /etc/gai.conf this directive:
precedence ::ffff:0:0/96 100
And to test that everything is working as expected use the
telnet command once again:
root@li419-225:~# telnet security.debian.org 80 Trying 22.214.171.124...
As you can see the system it’s now using the ipv4 ip to connect to the website security.debian.org.
Congratulations now your VPS will prefer IPV4, if you now use apt-get commands you’ll see a much faster answer and no timeout at all.
Once that you want to restore the default (IPV6 as first choice), you just have to remove that line and everything will work with IPV6.
- Linux Terminal: An lsof Primer
- How to check if you are vulnerable to shellshock
- Ripping DVD with Handbrake on Linux
- Linux: Timeouting commands in shell scripts
- Switching to Linux, Checklist
Find me on Google+