This is the situation which we are in e.g. by Hetzner. We do not need IPv4 address because the servers are not accessible from outside. We only need from time to time connect some IPv4 server (like the RTB’s one) and download some software.
Operating an IPv6-only server in an IPv4-heavy world can feel like being on a futuristic island without a bridge. Since you only need occasional access to specific services like GitHub (which, famously, still has spotty IPv6 support) and your registry, you have three solid ways to build that bridge.
1. DNS64 / NAT 64
This article describes the easy option for occasional download.
This is the most common solution for IPv6-only nodes. It uses a combination of a special DNS server and a translator (NAT64) to route your IPv4 requests.
How it works: When you look up github.com, the DNS64 server synthesizes an IPv6 address for it. Your traffic is then sent to a NAT64 gateway that translates it back to IPv4 to reach the destination.
The approaches sets the resolver only temporary. Reboot revert it back. To make the change permanent navigate to chapter Persist the change.
1.1. Trex.fi
Preferred solution for Hetzner.
# Clear the old manual DNS
# sudo resolvectl revert eth0
# Set the new DNS64 servers (Trex.fi)
sudo resolvectl dns eth0 2001:67c:2b0::4 2001:67c:2b0::6
# Flush the old "bad" DNS results from cache
sudo resolvectl flush-caches1.2. NAT64/DNS64
|
This solution does not work on Hetzner, because or some routing problems. Use <<provider_trex_fi> instead. |
Implementation:
# Clear the old manual DNS
# sudo resolvectl revert eth0
sudo resolvectl dns eth0 2a01:4f8:c2c:123f::1 2a01:4f9:c010:3f02::1
# Flush the old "bad" DNS results from cache
sudo resolvectl flush-caches1.3. Revert
To undo that command and revert to your original settings, you essentially need to tell systemd-resolved to stop using those specific manual overrides and go back to the defaults provided by your network (DHCP or Netplan).
1.3.1. The Direct Revert
Run the following command to clear the manual DNS settings for that interface:
sudo resolvectl revert eth0(Again, replace eth0 with your interface name if it is different.)
1.3.2. Verify the Cleanup
To make sure the manual IPv6 DNS addresses are gone and see what your server is currently using, run:
resolvectl status eth0Under the DNS Servers section, it should no longer show the 2a01… addresses. It will likely show your original gateway or be empty if it’s waiting for a DHCP assignment.
2. Persist the change
AI answer. Not tested.
They apply changes to the running state of systemd-resolved, but upon a reboot, the system will look back at your Netplan or Cloud-Init configuration files to rebuild its settings.
To make this permanent on an Ubuntu Server, you need to edit your Netplan configuration.
2.1. Plan A
2.1.1. Identify your config file
Look in /etc/netplan/. Usually, there is a file named something like 01-netcfg.yaml or 50-cloud-init.yaml.
ls /etc/netplan/2.1.2. Edit the file
Open that file with sudo nano /etc/netplan/[FILENAME].yaml.
You need to add a nameservers section under your eth0 interface.
It should look like this:
network:
version: 2
ethernets:
eth0:
dhcp4: true # or false, depending on your setup
dhcp6: true
nameservers:
addresses:
- "2001:67c:2b0::4"
- "2001:67c:2b0::6"| YAML is extremely picky about indentation. Use spaces, not tabs, and ensure the nameservers block is aligned exactly as shown (indented under the interface name). |
2.2. Plan B" (The easy way)
If you find Netplan too annoying to deal with or your provider keeps overwriting it via Cloud-Init, you can use a "brute force" method to lock the DNS.
Install the resolvconf package: sudo apt install resolvconf
Edit /etc/resolvconf/resolv.conf.d/head:
nameserver 2001:67c:2b0::4
nameserver 2001:67c:2b0::6Run sudo resolvconf -u.
This forces those two lines to the very top of your resolv.conf every time it is generated, surviving reboots and DHCP updates.