Convince apt-get *not* to use IPv6 method

The ISP I work at is setting up an internal IPv6 network in preparation for eventually connecting to the IPv6 internet. As a result, several of the servers in this network now try to connect to via its IPv6 address by default when running apt-get update, and that results in having to wait for a lengthy timeout whenever I’m downloading updates of any sort.

Is there a way to tell apt to either prefer IPv4 or ignore IPv6 altogether?

Asked By: Shadur


How about adding a line in /etc/hosts overriding the relevant addresses? e.g., 
Answered By: badp

You could work around this by setting up a DNS proxy server that dropped ip6 responses.

Answered By: pjc50

You could setup apt-cacher-ng on a spare machine to act as a proxy/cache for all of your hosts. You can force the configuration to only use specific hosts or use the /etc/hosts trick suggested by @badp on that one machine.

apt-get install apt-cacher-ng

Once you have apt-cache-ng setup you just need to drop the following line (with IP address/hostname altered to point at your cacher machine) in /etc/apt/apt.conf.d/90httpproxy

Acquire::http { Proxy "http://[]:3142"; };

I use that setup to reduce bandwidth usage but it should workaround your problem. Unfortunately I’m not aware of a way to directly disable ipv6 lookups for apt-get itself.

Answered By: Richm

As Gilles says, use gai.conf. Notes:

  1. This works at a much lower level (DNS and IP networking) than APT, so it will change how all your applications network–at least, all that use getaddrinfo.
  2. Before editing your gai.conf, you should back it up, and also read it (don’t worry, it’s short). The edits below are probably already mentioned in your current file; if the current file indicates something different from what’s mentioned below, you should probably prefer what’s in your current file.

But if this is what you want (which it probably is), let’s proceed. Say we have two hosts and :

$ host is an alias for has address has IPv6 address 2001:470:0:76::2

$ host has address has IPv6 address 2001:67c:2e8:22::c100:68b

Case 1: prefer IPV4 for all hosts

Append to /etc/gai.conf the following line:

precedence ::ffff:0:0/96  100

After saving the edited file (no need to restart), you should see networking apps (e.g., telnet) using IPV4: e.g.,

$ telnet 81
$ telnet 81

Case 2: prefer IPV6 for specific hosts

If we want to prefer IPV6 only for or its network, we can append a mask/prefix for all, or just some part, of its IPV6 address to /etc/gai.conf. E.g., the following line:

precedence 2001:470::/32 100

(after saving the edited file) produces

$ telnet 81
$ telnet 81
Trying 2001:470:0:76::2...

Case 3: prefer IPV4 for specific hosts

If we invert the mask will the reverse be true? According to @GrueMaster, appending

precedence 2001:470::/96 100

worked for him after disabling IPV6 for (otherwise it stalls forever).

See also:

Answered By: Lmwangi

I have found a much better way to do this. Open up your sources.list file and note down the hostnames of the repos. Get their IPv4 addresses, then edit sources.list with the IPv4 addresses rather than the hostnames. Apt-get should now contact the repositories over the IPv4 addresses you specified, bypassing IPv6.

There is the disadvantage that repos usually have some sort of load balancing and/or IP geolocation set up, which this method of course bypasses. However, it shouldn’t matter if only a few people are doing it. If you do find one mirror is slow, try getting another repo IP address (for instance, by using an online ping service) and use that.

Answered By: Ashley Strout

Add -o Acquire::ForceIPv4=true when running apt-get.

If you want to make the setting persistent just create /etc/apt/apt.conf.d/99force-ipv4 and put Acquire::ForceIPv4 "true"; in it:

echo 'Acquire::ForceIPv4 "true";' | sudo tee /etc/apt/apt.conf.d/99force-ipv4

Config options Acquire::ForceIPv4 and Acquire::ForceIPv6 were added to version (see bug 611891) which is available since Ubuntu Saucy (released in October 2013) and Debian Jessie (released in April 2015).

Answered By: mmoya

Hijacking old topic, but faced with the same problem recently. So, based on the advice given above and the output of host and whois:

# host has address has address has address has IPv6 address 2001:8d8:580:400:6564:a62:0:2 has IPv6 address 2001:a78:5:0:216:35ff:fe7f:be4f has IPv6 address 2001:a78:5:1:216:35ff:fe7f:6ceb

Solved problem in a slightly different way – lowered the precedence of the IPv6 networks which contain in /etc/gai.conf:

# Make IPv6 for undesirable
precedence 2001:8d8:580::/48    5
precedence 2001:a78:5::/48      5

So, IPv6 is still preferred except for

Answered By: Timur Bakeyev

As of Oct 08th 2014, I had the same issue, trying to update debian behind a proxy on local network. In the hope it will be relevant to others, I post my response here. As others have mentioned, editing /etc/hosts is something one should be careful with.

But personally I just wanted to have the update done.

Content of /etc/apt/sources.list when doing the update (it was different before the update..):

deb testing main
deb-src testing main

deb wheezy main
deb-src wheezy main

deb wheezy/updates main
deb-src wheezy/updates main

Content of /etc/apt/apt.conf:

Acquire::http::proxy "";
Acquire::http::Timeout "10";
Acquire::ftp::Timeout "10";

Addition to /etc/hosts:

#Workaround for making apt-get work (08-10-2014)

Now, running apt-get update ; apt-get upgrade as root worked well.

As mentioned in other answers, use, run host command on the domain to get the correct ip to insert in the hosts file.


$ host has address

This successfully updated the system to Debian GNU/Linux testing (jessie). You might not want to run with the testing repositories, then simply remove it from the sources. The testing repositories gives you more recent updates of several packages, but is not considered stable.

Answered By: NordicViking
Categories: Answers Tags: ,
Answers are sorted by their score. The answer accepted by the question owner as the best is marked with
at the top-right corner.