TL;DR: The DNS-proposition lacks IPv6 AAAA-records. How to repair?
I have some virtual Yunohosts running on a local Proxmox-server. This one is on Yunohost 3.7, being upgraded to 3.8
They all have IPv4 as well as IPv6 assigned to them, and the firewall is opened for both protocols for the necessary ports.
I also added an A-record as well as AAAA-records in DNS.
While troubleshooting XMPP-connectivity, I noticed on the domain --> DNS configuration page in the Yunohost admin panel, that the AAAA domain is missing.
Is this Yunohost unaware of the available IPv6 address? How do I check that, and how to add?
=================================
Base system (basesystem)
=================================
[INFO] Server hardware architecture is lxc amd64
[INFO] Server is running Linux kernel 5.3.13-1-pve
[INFO] Server is running Debian 9.12
[INFO] Server is running YunoHost 3.8.4.6 (stable)
- yunohost version: 3.8.4.6 (stable)
- yunohost-admin version: 3.8.3.3 (stable)
- moulinette version: 3.8.1.2 (stable)
- ssowat version: 3.8.0.1 (stable)
=================================
Internet connectivity (ip)
=================================
[WARNING] The server does not have working IPv6.
=================================
DNS records (dnsrecords)
=================================
- The following DNS record does not seem to follow the recommended configuration:
Type: AAAA
Name: @
Current value: 2001:985:b79a:1:ddde:1fba:b0de:234d
Expected value: None
When logged in through SSH, I don’t see the cause:
admin@sanyi:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
75: eth0@if76: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 20:10:02:01:75:2c brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 80.127.182.181/29 brd 80.127.182.183 scope global eth0
valid_lft forever preferred_lft forever
inet6 2001:985:b79a:1:ddde:1fba:b0de:234d/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::2210:2ff:fe01:752c/64 scope link
valid_lft forever preferred_lft forever
admin@sanyi:~$ curl ip6.yunohost.org
curl: (7) Couldn't connect to server
admin@sanyi:~$ ip -6 route show table all
2001:985:b79a:1::/64 dev eth0 proto kernel metric 256 pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
local ::1 dev lo table local proto kernel metric 0 pref medium
local 2001:985:b79a:1:ddde:1fba:b0de:234d dev eth0 table local proto kernel metric 0 pref medium
local fe80::2210:2ff:fe01:752c dev eth0 table local proto kernel metric 0 pref medium
ff00::/8 dev eth0 table local metric 256 pref medium
I don’t know how to interpret the routing table; another Yunohost on the same Proxmox does have IPv6, the routing table is comparable:
admin@online:~ $ ip -6 route show table all
2001:985:b79a:: dev eth0 metric 1024 pref medium
2001:985:b79a:1:6d21:81ff:a52e:6f3 dev eth0 proto kernel metric 256 pref medium
2001:985:b79a:1::/64 dev eth0 proto kernel metric 256 expires 5960sec pref medium
fd00::/64 dev eth0 proto kernel metric 256 expires 6995sec pref medium
fe80::/64 dev eth0 proto kernel metric 256 pref medium
default via fe80::2e3a:fdff:fe82:3f23 dev eth0 proto ra metric 1024 expires 1595sec mtu 1492 hoplimit 255 pref medium
local ::1 dev lo table local proto kernel metric 0 pref medium
local 2001:985:b79a:1:6d21:81ff:a52e:6f3 dev eth0 table local proto kernel metric 0 pref medium
local fe80::b2de:ebff:fe5a:2668 dev eth0 table local proto kernel metric 0 pref medium
ff00::/8 dev eth0 table local metric 256 pref medium
admin@online:~ $ curl ip6.yunohost.org
2001:985:b79a:1:6d21:81ff:a52e:6f3
IPv4 does show connection:
admin@sanyi:~$ curl ip4.yunohost.org
<html>
<head><title>302 Found</title></head>
<body bgcolor="white">
<center><h1>302 Found</h1></center>
<hr><center>nginx</center>
</body>
</html> admin@sanyi:~$ ip -4 route show table all
default via 80.127.182.177 dev eth0 onlink
80.127.182.176/29 dev eth0 proto kernel scope link src 80.127.182.181
broadcast 80.127.182.176 dev eth0 table local proto kernel scope link src 80.127.182.181
local 80.127.182.181 dev eth0 table local proto kernel scope host src 80.127.182.181
broadcast 80.127.182.183 dev eth0 table local proto kernel scope link src 80.127.182.181
broadcast 127.0.0.0 dev lo table local proto kernel scope link src 127.0.0.1
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
admin@sanyi:~$
The difference between your two IPv6 “route” table is that one doesn’t have a “default” route (also known as gateway if I’m not mistaking). Therefore no way for it to contact the outside world in IPv6