** Description changed:
+ ---------------------------------------
+ READ THIS BEFORE COMMENTING ON THIS BUG
+ ---------------------------------------
+
+ security.ubuntu.com and archive.ubuntu.com have been IPv6 enabled since
+ March 2013 (see comment #29 below). Their connectivity is monitored by
+ both internal and 3rd party monitoring systems.
+
+ If you experience problems with IPv6 connectivity to the archive
+ servers, please DO NOT comment on this bug. Instead, email
+ r...@ubuntu.com explaining the problem, and include the output of the
+ following commands:
+
+ - date -u --rfc-3339=seconds
+ - ip -6 addr
+ - mtr -6 --report --no-dns -c 3 security.ubuntu.com
+ - host security.ubuntu.com # requires bind9-host to be installed
+ - ip -6 route get $(host security.ubuntu.com|awk '/has IPv6 address/ {print
$NF}') # also requires bind9-host to be installed
+
+ ---------------------------------------
+
Dear,
- The apt source list for security update is by default configured to
+ The apt source list for security update is by default configured to
security.ubuntu.com.
- When you have a system using only IPv6 (and having not access to IPv4 via
NAT-PT),
- security.ubuntu.com is only reachable in IPv4.
+ When you have a system using only IPv6 (and having not access to IPv4
+ via NAT-PT), security.ubuntu.com is only reachable in IPv4.
- It would be wise to configure an AAAA record to security.ubuntu.com to at
least
- point to one of the many mirrors supporting IPv6 connectivity.
+ It would be wise to configure an AAAA record to security.ubuntu.com to
+ at least point to one of the many mirrors supporting IPv6 connectivity.
- That would avoid system running natively in IPv6 to lack by default the
security
- update.
+ That would avoid system running natively in IPv6 to lack by default the
+ security update.
Thanks a lot,
Kind regards
- PS : I checked this as being a security vulnerability but this is more a
configuration issue
- on the Ubuntu network infrastructure than a real security vulnerability:
+ PS : I checked this as being a security vulnerability but this is more a
+ configuration issue on the Ubuntu network infrastructure than a real
+ security vulnerability:
A DNS AAAA request :
dig -t AAAA security.ubuntu.com
; <<>> DiG 9.4.1-P1 <<>> -t AAAA security.ubuntu.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26872
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;security.ubuntu.com. IN AAAA
;; AUTHORITY SECTION:
ubuntu.com. 3600 IN SOA ns1.canonical.com.
hostmaster.canonical.com. 2008061805 10800 3600 604800 3600
;; Query time: 134 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jun 19 15:17:39 2008
;; MSG SIZE rcvd: 98
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/241305
Title:
security.ubuntu.com not accessible in IPv6 (AAAA record missing in the
DNS)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-website/+bug/241305/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
