Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net: network is unreachable on Amazon Linux 2 #58400

Closed
levi-nz opened this issue Feb 8, 2023 · 2 comments
Closed

net: network is unreachable on Amazon Linux 2 #58400

levi-nz opened this issue Feb 8, 2023 · 2 comments
Labels
FrozenDueToAge

Comments

@levi-nz
Copy link

levi-nz commented Feb 8, 2023
edited

What version of Go are you using (go version)?

1.20

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

Amazon Linux 2 (arm64) (linux/arm64)

What did you do?

I'm trying to connect to my PostgreSQL cluster on Amazon RDS. The cluster has dual-stack mode enabled.

What did you expect to see?

Successful connection to the cluster.

What did you see instead?

 failed to connect to `host=collector.cluster-c3tdcjzw8by1.us-east-1.rds.amazonaws.com <redacted>`: dial error (dial tcp [2600:1f18:4769:c800:c1c6:ffd:fdbb:2045]:5432: connect: network is unreachable)

When running dig collector.cluster-c3tdcjzw8by1.us-east-1.rds.amazonaws.com, I get the following result:

; <<>> DiG 9.11.4-P2-RedHat-9.11.4-26.P2.amzn2.5.2 <<>> collector.cluster-c3tdcjzw8by1.us-east-1.rds.amazonaws.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24492
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;collector.cluster-c3tdcjzw8by1.us-east-1.rds.amazonaws.com. IN A

;; ANSWER SECTION:
collector.cluster-c3tdcjzw8by1.us-east-1.rds.amazonaws.com. 5 IN CNAME collector-instance-1.c3tdcjzw8by1.us-east-1.rds.amazonaws.com.
collector-instance-1.c3tdcjzw8by1.us-east-1.rds.amazonaws.com. 5 IN A 10.0.0.28

;; Query time: 2 msec
;; SERVER: 20.0.0.2#53(20.0.0.2)
;; WHEN: Wed Feb 08 06:19:18 UTC 2023
;; MSG SIZE  rcvd: 151

Which gives the IPv4 10.0.0.28. When using this IP address instead of the hostname (host=10.0.0.28) the connection is successful.

There seems to be a similar issue here: https://groups.google.com/g/golang-nuts/c/j7ylMOg1qc4

Before anyone says "you've clearly misconfigured your AWS setup"; my setup is correct and I have tested it. The RDS security group allows IPv6 connections and the connector (EC2 instance in this case) has a security group which allows outbound access to port 5432 for IPv6. I've even added "all traffic" rules to both security groups to be 100% sure. My route tables are also correctly setup. Reachability Analyzer also confirms the network is reachable.
@levi-nz
Copy link
Author

levi-nz commented Feb 8, 2023
edited

Turns out I forgot to enable "Enable auto-assign IPv6 address" in the connector's subnets (the instances connecting to the cluster), so the instances didn't have an IPv6 address, therefor being unable to connect to an IPv6 host. I feel like a total idiot.

Still, this error message is very vague. Shouldn't there be a more clear error message if you try to connect to an IPv6 host on a system with no IPv6 address instead of just "network is unreachable"? Or is this standard? Additionally, shouldn't Go automatically choose IPv4 when doing a DNS lookup on such a system if both IPv4 and IPv6 are available?

@seankhliao
Copy link
Member

you will always have ipv6 addresses unless turned off at the kernel. What you might not have are addresses that can route to your intended destination.

choosing ipv6 over ipv4 is standard.

@seankhliao seankhliao closed this as not planned Won't fix, can't repro, duplicate, stale Feb 8, 2023
@golang golang locked and limited conversation to collaborators Feb 8, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gopherbot @seankhliao @levi-nz