Invalid URL, ports sans IPv6

Support Installation
, , ,
1

Hello,

Raspberry Pi 3b+ avec Debian 10 YunoHost 4.3.6.3 (stable).
No tweak nor particular setup. / Pas de config particulière

I tried to connect from my domain name but get the Redirect error: Invalid URL.

J’ai tenté de me connecter depuis mon domaine mais obtient l’erreur Redirect error: Invalid URL
logs Yunopaste:

Base system (basesystem)

[INFO] Server hardware architecture is bare-metal arm64

  • Server model is Raspberry Pi 3 Model B Plus Rev 1.3

[INFO] Server is running Linux kernel 5.10.103-v8+

[INFO] Server is running Debian 10.12

[INFO] Server is running YunoHost 4.3.6.3 (stable)

  • yunohost version: 4.3.6.3 (stable)
  • yunohost-admin version: 4.3.4.1 (stable)
  • moulinette version: 4.3.3.1 (stable)
  • ssowat version: 4.3.3.1 (stable)

=================================
Internet connectivity (ip)

[WARNING] DNS resolution seems to be working, but it looks like you’re using a custom /etc/resolv.conf.

  • The file /etc/resolv.conf should be a symlink to /etc/resolvconf/run/resolv.conf itself pointing to 127.0.0.1 (dnsmasq). If you want to manually configure DNS resolvers, please edit /etc/resolv.dnsmasq.conf.

[SUCCESS] The server is connected to the Internet through IPv4!

  • Global IP: xx.xx.xx.xx
  • Local IP: 192.168.1.28

[SUCCESS] The server is connected to the Internet through IPv6!

  • Global IP: xx:xx:xx:xx:xx:xx
  • Local IP: fe80::4635:d58c:ba4a:ccf1

=================================
DNS records (dnsrecords)

[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category basic)

[ERROR] Some DNS records are missing or incorrect for domain maindomain.tld (category mail)

  • Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help about configuring DNS records.
  • The following DNS record does not seem to follow the recommended configuration:
    Type: TXT
    Name: @
    Current value: “v=spf1 mx ~all”
    Expected value: “v=spf1 a mx -all”

[WARNING] Some DNS records are missing or incorrect for domain maindomain.tld (category xmpp)

  • Please check the documentation at DNS zone configuration | Yunohost Documentation if you need help about configuring DNS records.
  • According to the recommended DNS configuration, you should add a DNS record with the following info.
    Type: SRV
    Name: _xmpp-client._tcp
    Value: 0 5 5222 maindomain.tld.
  • According to the recommended DNS configuration, you should add a DNS record with the following info.
    Type: SRV
    Name: _xmpp-server._tcp
    Value: 0 5 5269 maindomain.tld.
  • According to the recommended DNS configuration, you should add a DNS record with the following info.
    Type: CNAME
    Name: xmpp-upload
    Value: maindomain.tld.

[SUCCESS] DNS records are correctly configured for domain maindomain.tld (category extra)

[SUCCESS] Your domains are registered and not going to expire anytime soon.

  • maindomain.tld expires in 728 days.

=================================
Ports exposure (ports)

[ERROR] Port 22 is not reachable from outside in IPv6.

[ERROR] Port 25 is not reachable from outside.

[ERROR] Port 80 is not reachable from outside in IPv6.

[ERROR] Port 443 is not reachable from outside in IPv6.

[ERROR] Port 587 is not reachable from outside in IPv6.

[ERROR] Port 993 is not reachable from outside in IPv6.

[ERROR] Port 5222 is not reachable from outside in IPv6.

[ERROR] Port 5269 is not reachable from outside in IPv6.

=================================
Web (web)

[ERROR] Domain maindomain.tld appears unreachable through HTTP from outside the local network in IPv6, though it works in IPv4.

  • Timed-out while trying to contact your server from outside. It appears to be unreachable.
    1. The most common cause for this issue is that port 80 (and 443) are not correctly forwarded to your server.
    2. You should also make sure that the service nginx is running
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

=================================
Email (mail)

[ERROR] The SMTP mail server cannot send emails to other servers because outgoing port 25 is blocked in IPv4.

  • You should first try to unblock outgoing port 25 in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you unblock outgoing port 25 because they don’t care about Net Neutrality.
    • Some of them provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    • A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See YunoHost • index
    • You can also consider switching to a more net neutrality-friendly provider

[ERROR] The SMTP mail server cannot send emails to other servers because outgoing port 25 is blocked in IPv6.

  • You should first try to unblock outgoing port 25 in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you unblock outgoing port 25 because they don’t care about Net Neutrality.
    • Some of them provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    • A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See YunoHost • index
    • You can also consider switching to a more net neutrality-friendly provider

[ERROR] The SMTP mail server is unreachable from the outside on IPv4. It won’t be able to receive emails.

  • Could not open a connection on port 25 to your server in IPv4. It appears to be unreachable.
    1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
    2. You should also make sure that service postfix is running.
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

[ERROR] The SMTP mail server is unreachable from the outside on IPv6. It won’t be able to receive emails.

  • Could not open a connection on port 25 to your server in IPv6. It appears to be unreachable.
    1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
    2. You should also make sure that service postfix is running.
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

[ERROR] The reverse DNS is not correctly configured in IPv4. Some emails may fail to get delivered or may get flagged as spam.

  • Current reverse DNS: l6.lns-se1200-ld-01-t2-31-35-208-159.dsl.dyn.abo.bbox.fr
    Expected value: maindomain.tld
  • You should first try to configure the reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If you are experiencing issues because of this, consider the following solutions:
    • Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    • A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See YunoHost • index
    • Or it’s possible to switch to a different provider

[ERROR] No reverse DNS is defined in IPv6. Some emails may fail to get delivered or may get flagged as spam.

  • You should first try to configure the reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If your reverse DNS is correctly configured for IPv4, you can try disabling the use of IPv6 when sending emails by running ‘yunohost settings set smtp.allow_ipv6 -v off’. Note: this last solution means that you won’t be able to send or receive emails from the few IPv6-only servers out there.

[ERROR] Your IP or domain xx.xx.xx.xx is blacklisted on Spamhaus ZEN

[SUCCESS] 0 pending emails in the mail queues

=================================
Services status check (services)

[SUCCESS] Service dnsmasq is running!

[SUCCESS] Service dovecot is running!

[SUCCESS] Service fail2ban is running!

[SUCCESS] Service metronome is running!

[SUCCESS] Service mysql is running!

[SUCCESS] Service nginx is running!

[SUCCESS] Service php7.3-fpm is running!

[SUCCESS] Service php8.0-fpm is running!

[SUCCESS] Service postfix is running!

[SUCCESS] Service redis-server is running!

[SUCCESS] Service rspamd is running!

[SUCCESS] Service slapd is running!

[SUCCESS] Service ssh is running!

[SUCCESS] Service yunohost-api is running!

[SUCCESS] Service yunohost-firewall is running!

[SUCCESS] Service yunomdns is running!

=================================
System resources (systemresources)

[SUCCESS] The system still has 376 MiB (41%) RAM available out of 910 MiB.

[INFO] The system has only 100 MiB swap. You should consider having at least 512 MiB to avoid situations where the system runs out of memory.

  • Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device`.

[SUCCESS] Storage / (on device /dev/root) still has 21 GiB (75%) space left (out of 28 GiB)!

[SUCCESS] Storage /boot (on device /dev/mmcblk0p1) still has 222 MiB (88%) space left (out of 252 MiB)!

=================================
System configurations (regenconf)

[SUCCESS] All configurations files are in line with the recommended configuration!

=================================
Applications (apps)

[SUCCESS] All installed apps respect basic packaging practices

Thanks for the help / Merci de l’aide!

2

Looks like a firewall problem from the Diagnosis. Could you open the Admin Panel → Tools → Firewall and make sure Ports 80 and 443 are green for IPv4 and IPv6

(You might have to enable 22 as well if you want SSH to work)

Edit: Check and enable all the ports showing an error in the “Ports exposure” section for a better experience with other services

1 Like
3

Heya!

Thank you! All is already open and green for IPv4 and IPv6 except UPnP for port 53 in TCP and all UPnP three ports (53, 1900 and 5353) in UDP.

4

If your settings in the Firewall are correct then that means your router isn’t setup properly.

  1. What happens when you directly enter the IPv4 address from a device not on the wifi network? (Use mobile data on your phone to check) — If you’re able to see the admin panel then it means the settings for IPv4 are correct and you need to change stuff for IPv6

  2. Did you ever setup DMZ for IPv6? If not, can you try logging into your router’s admin panel and checking

I personally haven’t dealt with an IPv6 YunoHost server on a home network, so I’m just guessing right now

1 Like
5

Thanks for this exploration of possibilities.

While trying to connect from outside of the local network, it tries for a while ( a full minute of loading) before ending on Web page not available (net:: ERR_CONNECTION_TIMED_OUT).

I didn’t set DMZ but after doing so, the page stays black (no error, just black).

Would it be possible that I screwed up my DNS records?

6

Even if you screwed up your DNS records, directly inputting the IP address should still connect to your server.

I still think it’s an issue with your configuration in the router. Can you directly try inputting the IPv4 in your browser from outside the network? Also try inputting the IPv6 address from outside the network.

Oh also, from the diagnosis about DNS it looks like you’re using a self-signed certificate, which could result in a black screen while using Safari. Try using Chrome/Microsoft Edge on a laptop/desktop outside your network. (You might have to type “THISISUNSAFE” to bypass the certificate error)

7

Hello,

I have the same problem. I am running Yunohost in version 4.3.6.3 on a Raspberry PI. I can reach my server directly via the IPv4, but not with the IPv6 address.
Furthermore I have found out that the results from https://whatismyipaddress.com/ and the Diagnosis tool in Yunohost are the same for my IPv4 but are different for the IPv6. Could that be something to look into?

All the best

Lars

8

Found the solution here: IPv6 Connections works not properly - #9 by Rudi

9

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.