Postfix tries to connect to IPV6 servers and gets "Network unreachable" error

ipv6
postfix
network

(Matthieu Gaillet) #1

Hi,

I just configured a dedicated server in a proxmox environment. I successfully configured the network following the provider’s guideline and actually didn’t considered anything ipv6 related.

I just noticed that postfix tried to connect to some smtp servers using their ipv6 adresse and got a “network unreachable” message.

What can I do to disable ipv6 (to begin with) ?

Thanks

Matthieu

EDIT : some output from configuration :

[root@cloud ~]# ifconfig -a
ens19 (GREEN): flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.10.10.1  netmask 255.255.255.0  broadcast 10.10.10.255
        inet6 fe80::7c32:79ff:fedb:3c1e  prefixlen 64  scopeid 0x20<link>
        ether 7e:32:79:db:3c:1e  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 978 (978.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0 (RED): flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet *.*.*.*  netmask 255.255.255.255  broadcast *.*.*.*
        inet6 fe80::ff:*:*  prefixlen 64  scopeid 0x20<link>
        ether 02:00:00:36:58:0f  txqueuelen 1000  (Ethernet)
        RX packets 9683883  bytes 2065832230 (1.9 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9027015  bytes 23400499232 (21.7 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@cloud ~]# ip -6 route
unreachable ::/96 dev lo metric 1024 error -113 pref medium
unreachable ::ffff:0.0.0.0/96 dev lo metric 1024 error -113 pref medium
2001:41d0:*:*::/56 dev eth0 proto kernel metric 256 expires 2505020sec pref medium
unreachable 2002:a00::/24 dev lo metric 1024 error -113 pref medium
unreachable 2002:7f00::/24 dev lo metric 1024 error -113 pref medium
unreachable 2002:a9fe::/32 dev lo metric 1024 error -113 pref medium
unreachable 2002:ac10::/28 dev lo metric 1024 error -113 pref medium
unreachable 2002:c0a8::/32 dev lo metric 1024 error -113 pref medium
unreachable 2002:e000::/19 dev lo metric 1024 error -113 pref medium
unreachable 3ffe:ffff::/32 dev lo metric 1024 error -113 pref medium
fe80::/64 dev ens19 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev tunbrass proto kernel metric 256 pref medium
fe80::/64 dev tunrw proto kernel metric 256 pref medium

[root@cloud ~]# cat /etc/sysconfig/network
# ================= DO NOT MODIFY THIS FILE =================
# 
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at NethServer official site: https://www.nethserver.org
#
# 
NETWORKING=yes
FORWARD_IPV4=yes

(fpausp) #2

To disable ip6, please try:

# check ipv6
ifconfig -a | grep inet6

# make folder for template
mkdir -p /etc/e-smith/templates-custom/etc/sysctl.conf

# create template-file
nano /etc/e-smith/templates-custom/etc/sysctl.conf/99sysctl

# content of 99sysctl
net.ipv6.conf.all.disable_ipv6 = 1

# expand template
expand-template /etc/sysctl.conf

# To reflect the changes
sysctl -p

# check ipv6 again
ifconfig -a | grep inet6

(Matthieu Gaillet) #3

Thanks @fausp !

I followed your guide successfully but still postfix tries to connect to ipv6 adresses :

Sep 13 22:36:41 cloud postfix/smtp[3464]: connect to ab-inbev.be[2400:cb00:2048:1::6810:f217]:25: Network is unreachable

It is true that

# cat /etc/postfix/main.cf | grep protocols
inet_protocols = all

I replaced “all” by ipv4 and it works now, but

  1. this will probably not survive a configuration change
  2. I wonder if specifying “all” even if the server isn’t configured for ipv6 is a good idea.

(Markus Neuberger) #4

A custom template is needed. The main.cf config file works like last occurance counts so it’s possible to just add a custom fragment at the end instead of overwriting:

mkdir -p /etc/e-smith/templates-custom/etc/postfix/main.cf
echo 'inet_protocols = ipv4' > /etc/e-smith/templates-custom/etc/postfix/main.cf/90ipv4
signal-event nethserver-mail2-server-update

(Matthieu Gaillet) #5

Thanks !

No comment regarding the « all » parameter which seems to be default ?