IPv6 configuration for a dedicated machine + Nginx
Out Of Date Warning
This article was published on 11/11/2014, this means the content may be out of date or no longer relevant.
You should verify that the technical information in this article is still up to date before relying upon it for your own purposes.
Recently, we stumbled upon IPv6 issues for a side-project. Our server had an IPv6 enabled, but we never configured anything. So some users reported a broken app and running curl from the server to itself doesn't work, either. Running curl with curl -v http://example.com
revealed, that curl indeed used the Ipv6 of the server, which Nginx couldn't handle.
Here are some of the steps we've taken, to make Ipv6 work:
Setup DNS Record
To handle Ipv6, you need to setup an AAAA record at your DNS. The tool dig
should display it alongside the normal A and CNAME records:
$ dig ANY example.com
#...
example.com. 78788 IN AAAA 2606:2800:220:6d:26bf:1447:1097:aa7
How to get that IP? Maybe it's displayed at your hoster's interface, or use ip addr
on the server:
$ ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 6c:62:6d:d9:0a:31 brd ff:ff:ff:ff:ff:ff
inet 12.12.12.12/27 brd 12.12.12.12 scope global eth0
valid_lft forever preferred_lft forever
inet6 2a01:5f8:142:2d8::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::6e63:7dff:fed8:a32/64 scope link
valid_lft forever preferred_lft forever
Take note of the inet6 part on the eth0 interface with the global (here: 2a01:5f8:142:2d8::2/64). We just ended up putting that part as AAAA entry: 2a01:5f8:142:2d8::1 which seemed to work
Reverse IP
We also put that IP in as Reverse DNS at our hoster's web interface.
Also, update your /etc/hosts
, if it not includes the IP:
# /etc/hosts
127.0.0.1 localhost.localdomain localhost
12.12.12.12 hostname.example.com
2a01:5f8:142:2d8::2 hostname.example.com
Nginx
Just listen to port 80 might be not enough. Add a [::]:
before:
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name example.com;
# ...
Test
If you have no IPv6 connection at home, you can use that site: