Is there an existing issue for this?
Current Behavior
The Bug
In /etc/s6-overlay/s6-rc.d/init-nginx/run, the script attempts to filter out IPv6 addresses from /etc/resolv.conf before generating resolver.conf. However, the current filtering logic is unreliable and allows certain IPv6 addresses to pass through, which subsequently crashes Nginx.
Current broken logic:
if [[ "$(awk -F ':' '{print NF-1}' <<<"${i}")" -le 2 ]]; then
RESOLVER="${RESOLVER} ${i}"
fiWhy it fails
The script assumes an address is IPv4 if it contains 2 or fewer colons.
Compressed IPv6 addresses, specifically those using :: (like fd00::1), often contain exactly 2 colons.
The script incorrectly treats fd00::1 as a valid IPv4.
It writes resolver fd00::1; to resolver.conf.
Nginx fails to start with: [emerg] invalid port in resolver "fd00::1".
Recommended Fix (Strict IPv4 Validation)
To align with the current design goal of "ignoring IPv6", the script should use strict regex to ensure only valid IPv4 addresses are added:
for i in ${RESOLVERRAW}; do
# Strictly match IPv4 format (digit.digit.digit.digit)
if [[ "${i}" =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]]; then
RESOLVER="${RESOLVER} ${i}"
fi
doneFuture Suggestion
While the priority is fixing the crash by strictly filtering IPv4, it would be beneficial in the future to properly support IPv6 by wrapping detected IPv6 addresses in square brackets [] instead of discarding them.
Expected Behavior
No response
Steps To Reproduce
-
Host environment has an IPv6 nameserver (specifically a compressed ULA address like fd00::1) in /etc/resolv.conf.
-
Deploy the container using the provided configuration (Podman/Docker).
-
Start the container for the first time.
-
Observe that Nginx fails to start because the initialization script generates an invalid resolver.conf.
Environment
- OS: RHEL (dual-stack IPv4 + IPv6)
- Network configuration: Host has both IPv4 and IPv6 addresses assigned
- DNS configuration: Both IPv4 and IPv6 nameservers are present
- How docker service was installed: podman
Host /etc/resolv.conf example:
[a@RHEL ~]$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 10.0.0.1
nameserver fd00::1
[a@RHEL ~]$
This is not an IPv6-only setup.
The system is running in a dual-stack environment, with both IPv4 and IPv6 connectivity and DNS resolvers configured.
The crash occurs despite a valid IPv4 DNS server being present, indicating this is not an IPv6-support limitation, but a resolver parsing issue.
Docker creation
# librespeed.container
[Container]
ContainerName=librespeed
Environment=PUID=3013 PGID=3013
Image=lscr.io/linuxserver/librespeed:latest
PublishPort=3013:80
[Service]
Restart=always
Container logs
2026/02/15 22:59:54 [emerg] 1993#1993: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 22:59:55 [emerg] 1998#1998: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 22:59:56 [emerg] 2003#2003: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 22:59:57 [emerg] 2008#2008: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 22:59:58 [emerg] 2013#2013: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 22:59:59 [emerg] 2018#2018: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 23:00:00 [emerg] 2023#2023: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 23:00:01 [emerg] 2030#2030: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 23:00:02 [emerg] 2035#2035: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 23:00:03 [emerg] 2040#2040: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
2026/02/15 23:00:04 [emerg] 2045#2045: invalid port in resolver "fd00::1" in /config/nginx/resolver.conf:3
Is there an existing issue for this?
Current Behavior
The Bug
In /etc/s6-overlay/s6-rc.d/init-nginx/run, the script attempts to filter out IPv6 addresses from /etc/resolv.conf before generating resolver.conf. However, the current filtering logic is unreliable and allows certain IPv6 addresses to pass through, which subsequently crashes Nginx.
Current broken logic:
Why it fails
The script assumes an address is IPv4 if it contains 2 or fewer colons.
Compressed IPv6 addresses, specifically those using :: (like fd00::1), often contain exactly 2 colons.
Recommended Fix (Strict IPv4 Validation)
To align with the current design goal of "ignoring IPv6", the script should use strict regex to ensure only valid IPv4 addresses are added:
Future Suggestion
While the priority is fixing the crash by strictly filtering IPv4, it would be beneficial in the future to properly support IPv6 by wrapping detected IPv6 addresses in square brackets [] instead of discarding them.
Expected Behavior
No response
Steps To Reproduce
Host environment has an IPv6 nameserver (specifically a compressed ULA address like fd00::1) in /etc/resolv.conf.
Deploy the container using the provided configuration (Podman/Docker).
Start the container for the first time.
Observe that Nginx fails to start because the initialization script generates an invalid resolver.conf.
Environment
Host /etc/resolv.conf example:
This is not an IPv6-only setup.
The system is running in a dual-stack environment, with both IPv4 and IPv6 connectivity and DNS resolvers configured.
The crash occurs despite a valid IPv4 DNS server being present, indicating this is not an IPv6-support limitation, but a resolver parsing issue.
Docker creation
# librespeed.container [Container] ContainerName=librespeed Environment=PUID=3013 PGID=3013 Image=lscr.io/linuxserver/librespeed:latest PublishPort=3013:80 [Service] Restart=alwaysContainer logs