Question
IPv6 connectivity issues with nginx
Hi,
I recently turned on IPv6 addresses on one of our droplets hosted in Bangalore. I added a new AAAA entry for this IPv6 address, in addition to the A entry. I now have 2 entries (addresses are obscured here):
A Record: @ 139.59.XX.YY 600 seconds
AAAA record: @ 2400:6180:100:WW::XXX:YYYY 1 Hour
While I am able to load the website on my browser using https (or http which gets redirected to https), I get a webserver unreachable when I test IPv6 connectivity using http://ipv6-test.com/validate.php
Here are some commands I ran on the server to debug the issue, but I couldn’t find anything wrong:
sudo netstat -tulpan | grep nginx
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 2705/nginx -g daemo
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 2705/nginx -g daemo
tcp6 0 0 :::443 :::* LISTEN 2705/nginx -g daemo
tcp6 0 0 :::80 :::* LISTEN 2705/nginx -g daemo
ufw status
Status: inactive
sudo sysctl -a | grep bindv6only (I explicitly set this to 1 )
net.ipv6.bindv6only = 1
sysctl: reading key “net.ipv6.conf.all.stablesecret”
sysctl: reading key “net.ipv6.conf.default.stablesecret”
sysctl: reading key “net.ipv6.conf.eth0.stablesecret”
sysctl: reading key “net.ipv6.conf.eth1.stablesecret”
sysctl: reading key “net.ipv6.conf.lo.stablesecret”
sysctl: reading key “net.ipv6.conf.lxdbr0.stablesecret”
This is my nginx config (/etc/nginx/sites-enabled/default)
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name example.com www.example.com;
rewrite ^(.*) https://example.com$1 permanent;
}
server {
listen 443 ssl;
listen [::]:443 ipv6only=on;
server_name example.com;
sslcertificate example.com.pem;
sslcertificate_key example.com.key;
:
:
:
}
Am I missing something here?
Best,
Roshan
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×