tormozillo Posted July 25, 2023 Posted July 25, 2023 Hi, I had a static ipv6 route with this setting: ipv6 static tcp PPPoE0 [mac] 443 It works nice! My server serves HTTPS website on ipv6 only address and accessible from everywhere. But after I added the same for ipv4: ip static tcp PPPoE0 443 [mac] !https ...something goes wrong, internet port scanners report my server has open 443 port on ipv4 only, not ipv6. KN-1611, OS version 4.0.1 1 Quote
1 Le ecureuil Posted April 23, 2024 Posted April 23, 2024 We have implemented the ping-based probing in the future 4.2 release. 1 1 Quote
0 tormozillo Posted July 25, 2023 Author Posted July 25, 2023 (edited) I discovered ipv6 static command works for a short time after pinging this ipv6 address from Keenetic web-console. It's clear that neighbor discovery has broken in 4.0.1 ip -6 neigh on local computers reports with both global 2a03:: and local fe80:: ipv6 address of my web-server, so the problem not in the server side. Edited July 25, 2023 by tormozillo 1 Quote
0 AlexCh Posted July 26, 2023 Posted July 26, 2023 14 часа назад, tormozillo сказал: I discovered ipv6 static command works for a short time after pinging this ipv6 address from Keenetic web-console. It's clear that neighbor discovery has broken in 4.0.1 ip -6 neigh on local computers reports with both global 2a03:: and local fe80:: ipv6 address of my web-server, so the problem not in the server side. I confirm that in 4.0.1 IPv6 neighbor detection does not work correctly, but technical support answered me that the reason is in my devices on the local network. Quote
0 tormozillo Posted July 26, 2023 Author Posted July 26, 2023 2 часа назад, AlexCh сказал: I confirm that in 4.0.1 IPv6 neighbor detection does not work correctly, but technical support answered me that the reason is in my devices on the local network. A solution might be done from server side. I found this bash-script on Archlinux wiki, after run once ipv6 works at least 12 hours now: #!/usr/bin/bash declare -a l_ifs readarray l_ifs < <(/sbin/ip -6 -j address | jq -r '.[] | .ifname ') for l_if in ${l_ifs[@]} ; do echo $l_if declare -a l_addrs readarray l_addrs < <(/sbin/ip -6 -j address show dev "$l_if" | \ jq -r '.[0].addr_info[].local') for l_addr in ${l_addrs[@]} ; do echo $l_addr ping -c 4 -6 -I "$l_addr" ff02::1%"$l_if" done done Quote
0 AlperShal Posted August 27, 2023 Posted August 27, 2023 I am having the same problem. ipv6 static tcpudp PPPoE0 [mac] [port] After running this command people are able to connect to my home lab for maximum of 5 minutes and then they can't. There is clearly a problem with this command. Quote
0 AlperShal Posted September 8, 2023 Posted September 8, 2023 (edited) Did anyone found a solution to this? I have iPv6 but I can't use it. This is really annoying. Edited September 8, 2023 by AlperShal Quote
Question
tormozillo
Hi, I had a static ipv6 route with this setting:
ipv6 static tcp PPPoE0 [mac] 443
It works nice! My server serves HTTPS website on ipv6 only address and accessible from everywhere.
But after I added the same for ipv4:
ip static tcp PPPoE0 443 [mac] !https
...something goes wrong, internet port scanners report my server has open 443 port on ipv4 only, not ipv6.
KN-1611, OS version 4.0.1
6 answers to this question
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.