has no IPv6 connectivity

Asked by dnmvisser

Was about to install a custom package on my IPv6 only Lucid system.
This involved adding a new key to apt, but that failed:

root@testdev:~# apt-key adv --keyserver --recv-keys 7C1A977926535DB3
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver --recv-keys 7C1A977926535DB3
gpg: requesting key 26535DB3 from hkp server
gpgkeys: HTTP fetch error 7: Failed to connect to Network is unreachable
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

I guess this hosts sits in the same network as, which also lacks IPv6 support.
Any idea when these important boxes will get IPv6 connectivity?

Question information

English Edit question
Launchpad itself Edit question
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Laura Czajkowski (czajkowski) said :

At present there isn't support for IPV6 but we are looking to change this in the future.

Revision history for this message
Ryan Rawdon (flieslikeabrick) said :


IPv6 has now been added to other official Canonical resources including and, amongst other repositories, since the last time this question was updated.

It appears that these are hosted on or very close to the same network as the key server -- can this be raised for some discussion? Ubuntu/Canonical made great progress on v6 in the last 18 months, it would be great to carry some momentum from it.

The keyserver is something which is not mirrored (or mirrorable, to my knowledge/understanding)and can block some administration tasks on IPv6-only machines/clusters/environments. It would be great to see this kind of critical infrastructure gain IPv6 connectivity.

Revision history for this message
William Grant (wgrant) said :
#3 is actually just a part of the replicated network. has AAAAs.

Revision history for this message
Wido den Hollander (wido) said :

I would really like to see IPv6 support for the keyserver.

We are deploying multiple IPv6 only servers which require keys from the Ubuntu keyserver.

Could you please add the AAAA-record?

Revision history for this message
William Grant (wgrant) said :

An AAAA will be added to eventually, but it's not currently top priority because IPv6-only hosts can easily use in its place, and that has AAAAs.

Revision history for this message
Johan Jatko (armedguy) said :

Will this be revisited? It is 2019 now and keyserver still doesn't have AAAA. The suggestion of using doesn't seem to work for all ppa packages.

Revision history for this message
Colin Watson (cjwatson) said :

I've added it to our internal tracking card for LP IPv6 support.

Revision history for this message
Alexander Lazarev (gummeah) said (last edit ):

Any news? is dead now.

Revision history for this message
Dolf Schimmel (Freeaqingme) (freeaqingme) said :

I second this request. On the sks-keyservers page I see: "Update 2021-06-21: Due to even more GDPR takedown requests, the DNS records for the pool will no longer be provided at all.".

As a result, IPv6-only hosts are no longer able to access the Ubuntu keyserver(s).

Revision history for this message
Angelo Hongens (ahongens) said :

I was recently setting up some ipv6-only hosts on public clouds as well, and this issue is biting me as well. We're seeing more and more ipv6-only hosts, and having critical infrastructure such as gpg key servers not being available is really a big thing.

Revision history for this message
Christian Kuhn (lolli42) said (last edit ):

I hope it's ok to ping on this issue again, hoping this is finally pushed forward.

This is a blocker for the increasing number of IPv6 only machines out there, when you don't want to work around using proxy foo.

Feels awkward by now. I'm really trying not asking myself questions about the status of the ubuntu infrastructure when such a security related system can not be updated from legacy-IP-only within a 10 year time frame.

Is there any other alternative like an official mirror that supports non-legacy IP? If so, where is this documented? Is there some FAQ for ipv6-only clients that i missed or something like that? What else could be done except using a proxy or copy & pasting ppa gpg key stuff around?

Revision history for this message
Colin Watson (cjwatson) said :

So the thing is that Launchpad is only a client of the Ubuntu keyserver; we don't actually run it. As such, tickets such as this one have generally taken second place behind things that we can actually do something about ourselves. For a long time this was blocked for some internal infrastructural reasons, but those have now been resolved and so it looks like it should be possible now.

I've opened for this. That's in our sysadmins' internal ticketing system, so I'm afraid that only Canonical staff can see it, but I'll try to remember to relay updates as appropriate. However, as I say, it's not actually our service so I don't have direct leverage to make it go faster.

Can you help with this problem?

Provide an answer of your own, or ask dnmvisser for more information if necessary.

To post a message you must log in.