1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

nginx dedicated v4 AND v6 ip

Discussion in 'Server Configuration and Hosting' started by Adam Howard, May 26, 2014.

  1. Adam Howard

    Adam Howard Well-Known Member

    The idea is I want to have both a v4 and v6 IP address. Below is what I currently have now
    PHP:
    server {
          
    listen       xxx.xxx.xxx.xxx:80;
          
    server_name  sociallyuncensored.net;

            
    #charset koi8-r;
            
    access_log  /var/log/nginx/log/sociallyuncensored.net.log  main;

          
    root   /usr/share/nginx/sociallyuncensored.net/public_html;
        
    index  index.html index.php;

            include /
    etc/nginx/rewrites.conf;

            include /
    etc/nginx/php.conf;
    }
    How exactly would I add the v6 IP address?

    I tried this...
    PHP:
    server {
          
    listen       xxx.xxx.xxx.xxx:80;
          
    listen       yyy.yyy.yyy.yyy:80;
          
    server_name  sociallyuncensored.net;

            
    #charset koi8-r;
            
    access_log  /var/log/nginx/log/sociallyuncensored.net.log  main;

          
    root   /usr/share/nginx/sociallyuncensored.net/public_html;
        
    index  index.html index.php;

            include /
    etc/nginx/rewrites.conf;

            include /
    etc/nginx/php.conf;
    }
    But sadly that gave me this error.
    PHP:
    nginx: [emerginvalid port in "yyyy:yyyy:yyy:yyyy:80" of the "listen" directive in /etc/nginx/conf.d/sociallyuncensored_net.conf:3
    nginx
    configuration file /etc/nginx/nginx.conf test failed
    So I am puzzled....
     
  2. euantor

    euantor Well-Known Member

    I believe IPv6 addresses are wrapped in braces like so:

    Code:
     server {
      listen  xxx.xxx.xxx.xxx:80;
      listen  [yyy:yyy:yyy:yyy]:80;
      server_name  sociallyuncensored.net;
    
      #charset koi8-r;
      access_log  /var/log/nginx/log/sociallyuncensored.net.log  main;
    
      root  /usr/share/nginx/sociallyuncensored.net/public_html;
      index  index.html index.php;
    
      include /etc/nginx/rewrites.conf;
    
      include /etc/nginx/php.conf;
    }
    
    Also ensure you have nginx compiled with IPv6 support obviously.
     
  3. Adam Howard

    Adam Howard Well-Known Member

    Getting there, just still not there yet
    PHP:
    nginx: [emerginvalid IPv6 address in "[yyyy:yyyy:yyy:yyyy]:80" of the "listen" directive in /etc/nginx/conf.d/sociallyuncensored_net.conf:3
    nginx
    configuration file /etc/nginx/nginx.conf test failed
     
  4. euantor

    euantor Well-Known Member

    Could you post the actual IPv6 address you're using? I believe the form is as follows, though I don't have any IPv6 addresses:

    Code:
    listen [2607:f0d0:1004:2::2]:80;
    
     
    Adam Howard likes this.
  5. Adam Howard

    Adam Howard Well-Known Member

    Small mistype on my part. My host gave me the whole /64 block so I have more than I could ever use.
    PHP:
    2604:4600:B01:6137::/64
    This is what I'm imputing now
    PHP:
          listen      [2604:4600:B01:6137::2]:80;
    Which now gives me the following error
    PHP:
    nginx: [emergbind() to [2604:4600:b01:6137::2]:80 failed (99Cannot assign requested address)
    nginxconfiguration file /etc/nginx/nginx.conf test failed
     
    Last edited: May 26, 2014
  6. euantor

    euantor Well-Known Member

    HWS likes this.
  7. Adam Howard

    Adam Howard Well-Known Member

    Because I wish to add SSL in the future and also there are more than one site on the server. I also use an AnyCast DNS offsite for help balance and need to provide an AAA record there as well.

    I am totally new to v6 IP addresses. Not even 100% sure how to read them correctly yet. Quoting my host when I asked for a more defined IP list;

    "There are some 18 quintillian addresses within a /64, so it is not feasible to provide a listing of these.

    The usable block would be:
    2604:4600:0B01:6137:0000:0000:0000:0000 - 2604:4600:0B01:6137:FFFF:FFFF:FFFF:FFFF
    "


    Which is good to know, but if I was to count backwards... I have no idea the in between values on WHEN those numbers become letters. lol

    I laughed myself silly when he told me this... I only wanted 5 :p
     
    euantor likes this.
  8. euantor

    euantor Well-Known Member

    Ok, try using the following then:

    Code:
    listen [2604:4600:0B01:6137:0000:0000:0000:0001]:80;
    Since you have that whole block, you can just increment through to F.
     
    Adam Howard likes this.
  9. Adam Howard

    Adam Howard Well-Known Member

    I ignored the first 2 suggestions because there is no

    post-up

    In Ubuntu linux. I found a virtual package for it in

    maptransfer maptransfer-server

    But those are for game servers and are not for my requirements.

    The final solution to that, also did me no good and restarting nginx gives me the same error as before.
     
  10. Adam Howard

    Adam Howard Well-Known Member

    Solved (?)

    Ran this command
    PHP:
    ip -6 a s
    Which displayed a few Ip's the seem to be already associated (not sure how).
    Used one of them and it worked
     
  11. Adam Howard

    Adam Howard Well-Known Member

    ^ Actually a little concerned in using those

    PHP:
     ip -6 a s
    1
    lo: <LOOPBACK,UP,LOWER_UPmtu 65536 
        inet6 
    ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2
    eth0: <BROADCAST,MULTICAST,UP,LOWER_UPmtu 1500 qlen 1000
        inet6 2604
    :4600:b01:6127:f9de:b2f:fa48:685a/64 scope global temporary dynamic 
           valid_lft 525729sec preferred_lft 6729sec
        inet6 2604
    :4600:b01:6127:8c71:4fc3:144b:2eba/64 scope global temporary deprecated dynamic 
           valid_lft 439932sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:91c5:ffca:17f0:57ed/64 scope global temporary deprecated dynamic 
           valid_lft 354135sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:884d:3083:f7d7:f24a/64 scope global temporary deprecated dynamic 
           valid_lft 268338sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:4daf:1a46:5b0a:400d/64 scope global temporary deprecated dynamic 
           valid_lft 182541sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:bde7:351f:23b0:2d09/64 scope global temporary deprecated dynamic 
           valid_lft 96744sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:b0da:ee41:2cf2:98f5/64 scope global temporary deprecated dynamic 
           valid_lft 10947sec preferred_lft 0sec
        inet6 2604
    :4600:b01:6127:223:7dff:fe50:c517/64 scope global dynamic 
           valid_lft 1998147sec preferred_lft 10947sec
        inet6 fe80
    ::223:7dff:fe50:c517/64 scope link 
           valid_lft forever preferred_lft forever
    The whole "temporary" notice has me concerned
     
  12. Tracy Perry

    Tracy Perry Well-Known Member

    Hehehehe.... took about 2 minutes
    Screen Shot 2014-05-26 at 9.06.19 PM.png
    Code:
    root@bart:/etc/nginx# ip -6 a s
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436
        inet6 ::1/128 scope host
          valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qlen 1000
        inet6 fe80::20ad:ddff:fea3:7767/64 scope link
          valid_lft forever preferred_lft forever
    Now I jsut have to make the DNS entry for it (and wait for namesilo to reflect it).
    I'm still thinking about just moving it all over to Quadranets DNS service.
     
    Last edited: May 27, 2014
    SneakyDave likes this.
  13. Adam Howard

    Adam Howard Well-Known Member

    You could explain exactly how you achieved it....

    nginx tells me that it's working, but http://ipv6-test.com/validate.php tells me that it's not :(
     
  14. Tracy Perry

    Tracy Perry Well-Known Member

    There is more to it than just the nginx configuration. I just locked myself out of the ProxMox server when I enabled IPv6 on it (and had to request a KVM hookup since their web based has a buglet with my computers).
    I had to add a new address in the /etc/network/interfaces (and since I'm have a VPS setup I have to configure my KVM server to route IPV6 also).
     
  15. Tracy Perry

    Tracy Perry Well-Known Member

    And now I think I got the server (KVM) doing the routing it needs (these are on two separate VPS's on the same KVM server).

    Screen Shot 2014-05-26 at 11.52.46 PM.png Screen Shot 2014-05-27 at 12.24.31 AM.png
    Code:
    beerbuzzed@bart:/etc/network$ ping6 -c5 ipv6.google.com
    PING ipv6.google.com(sea09s01-in-x02.1e100.net) 56 data bytes
    64 bytes from sea09s01-in-x02.1e100.net: icmp_seq=1 ttl=50 time=76.1 ms
    64 bytes from sea09s01-in-x02.1e100.net: icmp_seq=2 ttl=51 time=75.5 ms
    64 bytes from sea09s01-in-x02.1e100.net: icmp_seq=3 ttl=50 time=76.1 ms
    64 bytes from sea09s01-in-x02.1e100.net: icmp_seq=4 ttl=51 time=75.6 ms
    64 bytes from sea09s01-in-x02.1e100.net: icmp_seq=5 ttl=51 time=75.6 ms
    --- ipv6.google.com ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 4005ms
    rtt min/avg/max/mdev = 75.572/75.837/76.191/0.324 ms
    This is the beginning of the server section (each VPS only holds one forum on it).
    Code:
    server {
    listen 80 default;
    listen [::]:80 default ipv6only=on;
        listen              443 ssl spdy;
        listen              [::]:443 default ssl spdy;
     
    Last edited: May 27, 2014
    SneakyDave likes this.
  16. Adam Howard

    Adam Howard Well-Known Member

    /ect/network/interfaces
    PHP:
    auto lo
    iface lo inet loopback
    auto eth0
    iface eth0 inet 
    static
            
    address 23.239.64.40
            netmask 255.255.255.192
            gateway 23.239.64.1
    auto eth0
    :1
    iface eth0
    :1 inet static
            
    address 23.239.73.208
            netmask 255.255.255.255
            gateway 23.239.73.1
    auto eth0
    :2
    iface eth0
    :2 inet static
            
    address 23.239.73.209
            netmask 255.255.255.255
            gateway 23.239.73.1
    #IPV6 configuration
    auto eth0:3
    iface eth0
    :3 inet6 static
    pre-up modprobe ipv6
    address 2604
    :4600:B01:6137:0000:0000:0000:0010
    netmask 64
    gateway 2604
    :4600:B01:6137:0000:0000:0000:0001
    Still no joy :(
     
    Last edited: May 28, 2014
  17. Tracy Perry

    Tracy Perry Well-Known Member

    Are you sure that gateway IPv6 address exists and is correct?
     
  18. Adam Howard

    Adam Howard Well-Known Member

    I'm getting there...

    In Ubuntu Linux (maybe Debian as well), there is the "privacy" setting that gives you a temp IP. Which is why I kept getting temps listed.

    PHP:
    /etc/sysctl.d/10-ipv6-privacy.conf
    Changed these
    PHP:
    net.ipv6.conf.all.use_tempaddr 2
    net
    .ipv6.conf.default.use_tempaddr 2
    to this
    PHP:
    net.ipv6.conf.all.use_tempaddr 0
    net
    .ipv6.conf.default.use_tempaddr 0
    Then ran
    PHP:
    service procps restart
    This FINALLY allowed me to ping6 out properly
    ping6 ipv6.google.com

    Still no incoming though.... But 1/2 way there so far :D
     
  19. Adam Howard

    Adam Howard Well-Known Member

    I'm beyond confused and puzzled. This is working on 1 domain and only 1 domain.

    /etc/network/interfaces
    PHP:
    auto lo
    iface lo inet loopback
    auto eth0
    iface eth0 inet dhcp
    iface eth0 inet 
    static
            
    address 23.239.64.40
            netmask 255.255.255.192
            gateway 23.239.64.1
    auto eth0
    :1
    iface eth1 inet dhcp
    iface eth0
    :1 inet static
            
    address 23.239.73.208
            netmask 255.255.255.255
            gateway 23.239.73.1
    auto eth0
    :2
    iface eth2 inet dhcp
    iface eth0
    :2 inet static
            
    address 23.239.73.209
            netmask 255.255.255.255
            gateway 23.239.73.1
    #IPV6 configuration
    auto eth0:3
    iface eth3 inet dhcp
    iface eth0
    :3 inet6 static
    pre-up modprobe ipv6
    address 2604
    :4600:b01:6127::2
    netmask 64
    gateway 2604
    :4600:b01:6127::1
    This is where it gets a little confusing...

    ip -6 neighbor show dev eth0
    PHP:
    2604:4600:b01:6127::2  FAILED
    2604
    :4600:b01:6127::1 lladdr 00:0c:cf:9a:60:00 router REACHABLE
    2604
    :4600:b01:6127::  FAILED
    fe80
    ::20c:cfff:fe9a:6000 lladdr 00:0c:cf:9a:60:00 router REACHABLE
    And yet, oddly enough it is working on sociallyuncensored.eu

    ip -6 address show eth0
    PHP:
    2eth0: <BROADCAST,MULTICAST,UP,LOWER_UPmtu 1500 qlen 1000
        inet6 2604
    :4600:b01:6137:223:7dff:fe50:c517/64 scope global dynamic 
           valid_lft 2587345sec preferred_lft 600145sec
        inet6 2604
    :4600:b01:6127:223:7dff:fe50:c517/64 scope global dynamic 
           valid_lft 2587345sec preferred_lft 600145sec
        inet6 fe80
    ::223:7dff:fe50:c517/64 scope link 
           valid_lft forever preferred_lft forever
    Do not know why my server seems to like that IP address (2604:4600:b01:6127:223:7dff:fe50:c517), but it does.

    Now if this isn't strange enough... IF I attempt to add any other IP in nginx or to another domain... I get this...

    PHP:
    nginx: [emergduplicate listen options for [IP-HERE]:80 in /etc/nginx/conf.d/sociallyuncensored_net.conf:3
    nginx
    configuration file /etc/nginx/nginx.conf test failed
    Replace "IP-HERE" with whatever I decide to add.

    So I am puzzled.... Very puzzled.
     
  20. Adam Howard

    Adam Howard Well-Known Member

Share This Page