[solved ]IPv6 AAAA missing in DNS-proposal (lacked default route)

Hi all,

TL;DR: The DNS-proposition lacks IPv6 AAAA-records. How to repair?

I have some virtual Yunohosts running on a local Proxmox-server. This one is on Yunohost 3.7, being upgraded to 3.8

They all have IPv4 as well as IPv6 assigned to them, and the firewall is opened for both protocols for the necessary ports.

I also added an A-record as well as AAAA-records in DNS.

While troubleshooting XMPP-connectivity, I noticed on the domain --> DNS configuration page in the Yunohost admin panel, that the AAAA domain is missing.

Is this Yunohost unaware of the available IPv6 address? How do I check that, and how to add?

If there’s no AAAA record, I would expect that Yunohost did not detect that you have a working IPv6…

What does Yunohost say about it in Diagnosis, section Internet connectivity ?

The diagnosis screen is wonderful!

Yes, indeed… it seems Yunohost does not see the IPv6 address. (Paste complete diagnosis)

=================================
Base system (basesystem)
=================================

[INFO] Server hardware architecture is lxc amd64

[INFO] Server is running Linux kernel 5.3.13-1-pve

[INFO] Server is running Debian 9.12

[INFO] Server is running YunoHost 3.8.4.6 (stable)
  - yunohost version: 3.8.4.6 (stable)
  - yunohost-admin version: 3.8.3.3 (stable)
  - moulinette version: 3.8.1.2 (stable)
  - ssowat version: 3.8.0.1 (stable)


=================================
Internet connectivity (ip)
=================================
[WARNING] The server does not have working IPv6.
=================================
DNS records (dnsrecords)
=================================
  - The following DNS record does not seem to follow the recommended configuration:
    Type: AAAA
    Name: @
    Current value: 2001:985:b79a:1:ddde:1fba:b0de:234d
    Expected value: None

When logged in through SSH, I don’t see the cause:

admin@sanyi:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
75: eth0@if76: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 20:10:02:01:75:2c brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet 80.127.182.181/29 brd 80.127.182.183 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 2001:985:b79a:1:ddde:1fba:b0de:234d/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::2210:2ff:fe01:752c/64 scope link 
       valid_lft forever preferred_lft forever

Can you return the output of

ip -6 route show table all

and also check that

curl ip6.yunohost.org

does return your ipv6 address?

That explains something, no connection on IPv6

admin@sanyi:~$ curl ip6.yunohost.org
curl: (7) Couldn't connect to server
admin@sanyi:~$ ip -6 route show table all
2001:985:b79a:1::/64 dev eth0 proto kernel metric 256  pref medium
fe80::/64 dev eth0 proto kernel metric 256  pref medium
local ::1 dev lo table local proto kernel metric 0  pref medium
local 2001:985:b79a:1:ddde:1fba:b0de:234d dev eth0 table local proto kernel metric 0  pref medium
local fe80::2210:2ff:fe01:752c dev eth0 table local proto kernel metric 0  pref medium
ff00::/8 dev eth0 table local metric 256  pref medium

I don’t know how to interpret the routing table; another Yunohost on the same Proxmox does have IPv6, the routing table is comparable:

admin@online:~ $ ip -6 route show table all
2001:985:b79a:: dev eth0 metric 1024  pref medium
2001:985:b79a:1:6d21:81ff:a52e:6f3 dev eth0 proto kernel metric 256  pref medium
2001:985:b79a:1::/64 dev eth0 proto kernel metric 256  expires 5960sec pref medium
fd00::/64 dev eth0 proto kernel metric 256  expires 6995sec pref medium
fe80::/64 dev eth0 proto kernel metric 256  pref medium
default via fe80::2e3a:fdff:fe82:3f23 dev eth0 proto ra metric 1024  expires 1595sec mtu 1492 hoplimit 255 pref medium
local ::1 dev lo table local proto kernel metric 0  pref medium
local 2001:985:b79a:1:6d21:81ff:a52e:6f3 dev eth0 table local proto kernel metric 0  pref medium
local fe80::b2de:ebff:fe5a:2668 dev eth0 table local proto kernel metric 0  pref medium
ff00::/8 dev eth0 table local metric 256  pref medium
admin@online:~ $ curl ip6.yunohost.org
2001:985:b79a:1:6d21:81ff:a52e:6f3

IPv4 does show connection:

admin@sanyi:~$ curl ip4.yunohost.org
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html>    admin@sanyi:~$ ip -4 route show table all
default via 80.127.182.177 dev eth0 onlink 
80.127.182.176/29 dev eth0 proto kernel scope link src 80.127.182.181 
broadcast 80.127.182.176 dev eth0 table local proto kernel scope link src 80.127.182.181 
local 80.127.182.181 dev eth0 table local proto kernel scope host src 80.127.182.181 
broadcast 80.127.182.183 dev eth0 table local proto kernel scope link src 80.127.182.181 
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1 
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1 
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1 
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1 
admin@sanyi:~$

The difference between your two IPv6 “route” table is that one doesn’t have a “default” route (also known as gateway if I’m not mistaking). Therefore no way for it to contact the outside world in IPv6

Yes, of course. Thanks! I’ll add a default route and see what happens.

I’ll give a shout when that solves this issue

Seems much better:

root@sanyi:~# ip -6 route add default via fe80::2e3a:fdff:fe82:3f23 dev eth0
root@sanyi:~# ^C
root@sanyi:~# logout
admin@sanyi:~$ curl ip6.yunohost.org
2001:985:b79a:1:ddde:1fba:b0de:234d
admin@sanyi:~$

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.