Skip to content

"dial tcp [::1]:6443: connect: network is unreachable" errors in kubernetes controlplane components when IPv6 is disabled on the loopback interface

Article Number: 000021366

Environment

  • Rancher v2.6+
  • A Rancher RKE2 cluster
  • IPv6 networking disabled on the loopback interface

Situation

Provisioning of a downstream RKE2 cluster with IPv6 networking enabled fails. In the kube-controller-manager container, messages about the lack of connectivity to the API can be seen:

dial tcp [::1]:6443: connect: network is unreachable

Resolution

With IPv6 networking enabled on the host, the OS will default to the resolution of localhost to ::1 over 127.0.0.1 (/etc/hosts has localhost resolving to both 127.0.0.1 and ::1).

If the host node is started with IPv6 networking enabled, but this is then disabled on the loopback interface, localhost resolution will default to ::1 (which remains in the /etc/hosts file), but the address will not be available on the loopback interface.

To resolve this enable IPv6 on the loopback interface:

sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=0

This change will not persist node reboots, and you should also update any custom configuration you have defined in /etc/sysctl.conf or /etc/sysctl.d/*.conf files to ensure IPv6 networking is enabled on the loopback interface.