debcrafters-packages team mailing list archive

Thread
Date
[Bug 2128664] [NEW] initramfs with ipv6?

To: debcrafters-packages@xxxxxxxxxxxxxxxxxxx
From: Hadmut Danisch <2128664@xxxxxxxxxxxxxxxxxx>
Date: Thu, 16 Oct 2025 19:39:53 -0000
Reply-to: Bug 2128664 <2128664@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
Public bug reported:

Hi,

I haven't found any regular (non-dirty-hack) way to configure an ipv6
address in an ubuntu initramfs (before decryption of the root disk).


Given Problem:

It is a common method to have servers running ubuntu server edition with
an encrypted file system, to to put dropbear into initramfs, which holds
the boot process, requests an ipv4 address by dhcp, offers an ssh-login,
where you call  cryptroot-unlock and enter the password, and the system
proceeds.

This works well with ipv4.

But we are short of ipv4 addresses, and cloud provider do extra charge
use of ipv4 addresses, and sometimes you can't get any, because an
assigned contingent is already exhausted.

Then you can't boot the machine (except if there is a virtual console to
use), because the machine is not reachable through ipv4 at all, but both
initramfs and dropbear can't configure ipv6.

I have tried kernel command line options like

ip6=dhcp ipv6.address=2a01:4f8:1c1b:5996::1/64

but both don't help.

ip6=dhcp indeed starts a dhcp6 request and waits for a long time, but
cloud providers usually do not offer dhcp6, and this it doesn't work.

ipv6.address=2a01:4f8:1c1b:5996::1/64 seems to have no effect at all.


So I currently do not see a clean and conformant way to run an encrypted
ubuntu server without ipv4. It might be possible to fiddle some ip
commands into the initramfs to directly configure the interfaces, but
what is the clean and standard way supposed by Ubuntu?

Keep in mind, that more and more virtual machines have to be run without
ipv4, especially outside the US, where ipv4 addresses are really short.
And some third world countries which developed too late just got very
little ipv4 addresses, if at all, and are expected to work with ipv6
only.


regards

ProblemType: Bug
DistroRelease: Ubuntu 24.04
Package: initramfs-tools 0.142ubuntu25.5
ProcVersionSignature: Ubuntu 6.8.0-85.85-generic 6.8.12
Uname: Linux 6.8.0-85-generic x86_64
ApportVersion: 2.28.1-0ubuntu3.8
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Thu Oct 16 21:25:30 2025
PackageArchitecture: all
SourcePackage: initramfs-tools
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: initramfs-tools (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug noble

-- 
You received this bug notification because you are a member of
Debcrafters packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/2128664

Title:
  initramfs with ipv6?

Status in initramfs-tools package in Ubuntu:
  New

Bug description:
  Hi,

  I haven't found any regular (non-dirty-hack) way to configure an ipv6
  address in an ubuntu initramfs (before decryption of the root disk).


  Given Problem:

  It is a common method to have servers running ubuntu server edition
  with an encrypted file system, to to put dropbear into initramfs,
  which holds the boot process, requests an ipv4 address by dhcp, offers
  an ssh-login, where you call  cryptroot-unlock and enter the password,
  and the system proceeds.

  This works well with ipv4.

  But we are short of ipv4 addresses, and cloud provider do extra charge
  use of ipv4 addresses, and sometimes you can't get any, because an
  assigned contingent is already exhausted.

  Then you can't boot the machine (except if there is a virtual console
  to use), because the machine is not reachable through ipv4 at all, but
  both initramfs and dropbear can't configure ipv6.

  I have tried kernel command line options like

  ip6=dhcp ipv6.address=2a01:4f8:1c1b:5996::1/64

  but both don't help.

  ip6=dhcp indeed starts a dhcp6 request and waits for a long time, but
  cloud providers usually do not offer dhcp6, and this it doesn't work.

  ipv6.address=2a01:4f8:1c1b:5996::1/64 seems to have no effect at all.


  So I currently do not see a clean and conformant way to run an
  encrypted ubuntu server without ipv4. It might be possible to fiddle
  some ip commands into the initramfs to directly configure the
  interfaces, but what is the clean and standard way supposed by Ubuntu?

  Keep in mind, that more and more virtual machines have to be run
  without ipv4, especially outside the US, where ipv4 addresses are
  really short. And some third world countries which developed too late
  just got very little ipv4 addresses, if at all, and are expected to
  work with ipv6 only.

  
  regards

  ProblemType: Bug
  DistroRelease: Ubuntu 24.04
  Package: initramfs-tools 0.142ubuntu25.5
  ProcVersionSignature: Ubuntu 6.8.0-85.85-generic 6.8.12
  Uname: Linux 6.8.0-85-generic x86_64
  ApportVersion: 2.28.1-0ubuntu3.8
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Thu Oct 16 21:25:30 2025
  PackageArchitecture: all
  SourcePackage: initramfs-tools
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/2128664/+subscriptions