confusion IPv6, routers, ISPs, domains, firewalls
I am so utterly confused right now. Home servering is hard so I wanna vent a little please.

So I recently moved and my new ISP is more or less IPv6 only*. You can get a dynamic v4 for a little bit extra. But me is cheap. Also have a Fritzbox now.

I set up my homeserver and ran the dyndns script; it uses external services to determine the IPv4/6 of the server and sends them to netcup. According to rick I still get a shared v4 (DS-Lite) for some applications.

So the script updated the address, but I am kinda only able to reach my domains when on the same network as the fritzbox. Trying to connect via either of my phone carriers (one being congstar [Telekom], the other SimOn [Vodafone]): one complains about network access being denied (ERR_NETWORK_ACCESS_DENIED), while the other cannot resolve the domain name (ERR_NAME_NOT_RESOLVED). I
- use cloudflare temporarily as DNS since they update fast
- disabled fritzbox firewall for that, by marking it an exposed host. (Ports are forwarded correctly still)
- disabled UFW on the server.


I just don't get what is wrong.

If you want to dig around feel free to use the sharkey-domain shark.lightnovel-dungeon.de
re: confusion IPv6, routers, ISPs, domains, firewalls
I do wonder if @Johann150 can help me out here. I clearly forgot something...

@stefan hmm, I don’t really have time right now because work, but I noticed that there is something weird going on with your DNS NS records

(Just had a quick look with https://ready.chair6.net)

@Johann150 Wee okay. Thanks Johann. Maybe rick will have some time to help me out this evening then.

I have my DNS with netcup. I do wonder if they are doing stuff or my ISP? :nkoThink: I will have to look into stuff again then.
@Johann150 So with the help of @rick I could seemingly pinpoint what the problem is. DNS was always fine and correct. It seems normal that IPv6 NS throws a warning for subdomains. It uses the NS of the domain. (Same with your fedi-instance, Johann.)

Other than that we figured out that the forwarding from Fritzbox to server was not working correctly.

It was the internal "forward" that did not work, so it's also not the ISP blocking ports or anything.

The network at home gets forcibly disconnected every day by the ISP. Nothing I can do about that. The Fritzbox only allows postponing this by a few hours.

So each day I get a new v6 prefix (first 64 bits of the address), but for whatever reason the server also changes its host-id (second 64 bits of the address), so the whole address changes every night.

To forward v6 correctly the Fritzbox needs you to enter the interface-id (basically host-id) of the device. The Fritzbox can do this automatically for the devices that were on the internet before (indicated by a green world symbol on the dashboard instead of just a green dot).

As for now, the host-id of the server changes every night (after being assigned a new prefix...) and the Fritzbox is not able to update the host-id itself. So each night it wants to forward traffic to a non-existing host-id, resulting in yesterday's errors...

So now I need to find a way to get a static host-id to that server. DNS will be handled by a script on the server itself. WHAT A PAIN!
@Johann150 dunno if you are interested in this Johann or not, but I will post anyway. I have found a solution for giving out the same host address. According to serverfault there are quite some of them. Even with systemd :blobcatgoogly: (version 250 or newer, but Ubuntu 22.04 LTS has only 249 lol)

So I used nmcli as described here: https://serverfault.com/a/968644 Though I could not use the device name and had to use the NAME of the connection in NetworkManager. Mine being "Wired Connection 1"

But there are other solutions as well: https://serverfault.com/a/1109923 The systemd one seems useful

@stefan hmm interesting. I didn’t think about it before, but it kinda makes sense that you don’t assign a static IP in the fritzbox like for IPv4 because IPv6 has autoconfiguration. :neofox_think:

@Johann150 learned many things for sure. Now I am thinking about something silly I could assign as a Host-ID. :blobfoxlaugh:
@Johann150

@rick already thought of acab 4 times, which I will not. But asking a text to hexadecimal I could use

LightNov -> 4c69:6768:744e:6f76

Though yours is even sillier...

or something like blobfox with two 00 in front like: 0062:6c6f:6266:6f78

gotta love silly stuff in networking. I deserve some silliness after all that work
@Johann150 @rick I did end up using GGOLLENN btw silly me
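Added example, not part of the thread: a Python sketch of the text-to-host-id conversion from the posts above, showing that a fixed interface-id keeps a router forwarding rule valid across a nightly prefix change. The function names and the 2001:db8 documentation prefixes are constructed for illustration.

```python
import ipaddress

def token_from_text(text: str) -> str:
    """ASCII text (1 to 8 bytes) -> 64-bit host-id as four hextets, zero-padded on the left."""
    raw = text.encode("ascii")
    if not 1 <= len(raw) <= 8:
        raise ValueError("a host-id holds 1 to 8 bytes")
    raw = raw.rjust(8, b"\x00")
    return ":".join(raw[i:i + 2].hex() for i in range(0, 8, 2))

def interface_id(addr) -> str:
    """Lower 64 bits of an IPv6 address, in the same four-hextet form."""
    low = int(ipaddress.IPv6Address(addr)) & ((1 << 64) - 1)
    return ":".join(f"{(low >> s) & 0xFFFF:04x}" for s in (48, 32, 16, 0))

def address_for(prefix: str, token: str) -> ipaddress.IPv6Address:
    """Combine a delegated /64 prefix with a fixed host-id."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("expected a /64 prefix")
    host = int(ipaddress.IPv6Address("::" + token))
    return ipaddress.IPv6Address(int(net.network_address) | host)

def forward_matches(rule_interface_id: str, current_addr) -> bool:
    """True if the host-id stored in the forwarding rule still points at the server."""
    return interface_id(current_addr) == rule_interface_id

if __name__ == "__main__":
    token = token_from_text("LightNov")
    # Constructed prefixes standing in for two consecutive nights.
    for prefix in ("2001:db8:aaaa:1::/64", "2001:db8:bbbb:7::/64"):
        addr = address_for(prefix, token)
        print(prefix, "->", addr, "rule still valid:", forward_matches(token, addr))
    # Constructed address with a different host-id: the stored rule no longer matches.
    print(forward_matches(token, "2001:db8:bbbb:7:1c2d:3e4f:5a6b:7c8d"))
```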