Tuesday, October 03, 2006

FreeBSD Update with IPv6

Is it possible to use FreeBSD Update with a host running FreeBSD in an IPv6 only scenario? It's not acceptable to leave it unpatched. The system in question is also extremely slow (P200, 32 MB RAM) so building via CVS is not a good option.

Maybe FreeBSD Update is hosted on an IPv6 dual-stack system?

p200:/root# freebsd-update fetch
Fetching updates signature...
fetch: http://update.daemonology.net/i386/6.1/updates.sig: Network is unreachable

Shoot. Well, I can reach a host (we'll call it "dualstack") that has both IPv4 and IPv6 addresses. dualstack can also reach my Squid proxy on the IPv4 network. I'll use SSH to port forward traffic needed by FreeBSD Update.

p200:/home/richard$ ssh -p 22022 -L 3128:squidproxy:3128 user@dualstack

In a new window I'll set the appropriate proxy environment variable.

p200:/root# setenv HTTP_PROXY http://localhost:3128

Now I run FreeBSD Update.

p200:/root# freebsd-update fetch
Fetching updates signature...
Fetching updates...
Fetching hash list signature...
Fetching hash list...
Examining local system...
Fetching updates...
/etc/ssh/ssh_config...
...truncated...

It works very well. SSH port forwarding is only one solution to this problem, but it worked well enough here.

No comments: