IPv6 Doesn't Pass The Validity Test

MaXi32

Verified User
Joined
Jul 25, 2016
Messages
656
Location
The Earth
Before I begin:

My system is: Centos 8 (latest), host at linode, everything is latest version including the custombuild.

My issue:

I do some tests on my server using one of the domain name such as www.maxibi.com at http://ipv6-test.com/validate.php

then the result was IPv6: web server is unreachable : Connection refused .

This test also return an error for various ipv6 test in another sites such as http://www.ip6tools.com/#checkWebServer

the result was:
Web Server is not IPv6 Compatible!

Also another site like https://ready.chair6.net/?url=https://www.maxibi.com

and I got complain about various ipv6 problem

I have created a ticket on my provider and they told me that there's nothing wrong with the Network Card and they can ping the IPv6. my guess is that nginx might be the problem but I check nothing is wrong (see below).

Things that I have tried:
1) Configure my network to use static IP address (IPV6+ipv4) and disable any auto network configuration.
2) Check nginx listening to ipv6 (via process) and the nginx config has the directive like:

listen [::]:443 default ipv6only=on;

3) I have done following this carefully step by step: https://help.directadmin.com/item.php?id=353
4) I have disabled the firewall to test the result. Firewall is CSF with ipv6 enabled.
5) Using this command to check ipv6 is ready:

[ -f /proc/net/if_inet6 ] && echo 'IPv6 ready system!' || echo 'No IPv6 support found! Compile the kernel!!'

The output: IPv6 ready system!
6) I'm using external DNS and I have checked that the external DNS entries are identical with the internal DNS and everything is pingable.
7) I have checked what port nginx and apache is listening for

[root@earth ~]# netstat -napl | grep 80
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 2570/nginx: master
tcp 0 0 172.104.50.181:80 0.0.0.0:* LISTEN 2570/nginx: master
tcp6 0 0 ::1:80 :::* LISTEN 2570/nginx: master
tcp6 0 0 2400:8901::f06c:91ff:80 :::* LISTEN 2570/nginx: master
tcp6 0 0 :::8080 :::* LISTEN 941/httpd
tcp6 0 0 :::8081 :::* LISTEN 941/httpd
tcp6 0 0 172.104.50.182:8902 12.188.41.234:49180 TIME_WAIT -

Is there any hint to bypass the test? My big question is does the website test on the links above prove that my site is not reachable for any users who are on IPv6 adress only on their device? I dont know because I don't have any device that is on IPv6 address.

Perhaps I need to dig more info to get the details but I dont know what else I can do (done searching Google with no answer). TQ appreciate your help.
 
Last edited:
Please provide versions of software you are using.

Directadmin, which OS, CB version and more.

Also look in log files for the moments of testing..

For the test sites i guess only on ports 80 and 443 they do.
Technical details:
Web serverUnreachable IPv6 address
www.maxibi.com2400:8901::f03c:91ff:fe05:6cb1

I don't understand why you use for ns1 ns2 and maindomain al exacte same one ip adres?

ns1.maxibi.com.2400:8901::f03c:91ff:fe05:6cb1172.104.50.185

For IPv6 you get a block so you can use own ipv6 per domain / subdomain etc. without any problems

Sorry i don't know ningx ,


 
Last edited:
Please provide versions of software you are using.

Directadmin, which OS, CB version and more.

Also look in log files for the moments of testing..

Hi, I have mentioned that everything is latest version as today. So: here it is:

Directadmin version: 1.59.5 (latest)
OS version: Centos 8 | Kernel: Linux 5.3.11-x86_64-linode131 (latest)
Custombuild: 2.0.0 (rev: 2342) (latest)
Webserver is: apache_nginx (reverse proxy) apache as backend, nginx as frontend.


Nginx version:
[root@earth ~]# nginx -v
nginx version: nginx/1.17.7

apache version:
[root@y~]# httpd -v
Server version: Apache/2.4.41 (Unix)
Server built: Oct 31 2019 08:20:53

For all of the log files, there is no error or warning that is related to the test. I also see no strange logs:
 
Ah ok try then support ticket for ipv6

I have problems with ipv6 on centos 8 to , but is a kind of lan configuration . ( OPENSTACK instance) not knowing where to look while centos 8 is also somewhat different .
 
Please provide versions of software you are using.

Directadmin, which OS, CB version and more.

Also look in log files for the moments of testing..

For the test sites i guess only on ports 80 and 443 they do.


I don't understand why you use for ns1 ns2 and maindomain al exacte same one ip adres?

ns1.maxibi.com.2400:8901::f03c:91ff:fe05:6cb1172.104.50.185

For IPv6 you get a block so you can use own ipv6 per domain / subdomain etc. without any problems

Sorry i don't know ningx ,


Regarding to your question about ns1. ns2 please ignore that one as previously I tried to setup internal DNS in directadmin then I created the domain above with a standalone server (different IP). But I forgot to change it. Sorry I'm a little bit confuse, Do you mean removing the entry solve this issue?

Regarding to this:
"For IPv6 you get a block so you can use own ipv6 per domain / subdomain etc. without any problems"

Every domain is already have ipv6 record enabled. What do you mean "to use own ipv6 per domain/subdomain".
 
Back
Top