Hurricane Electric's IPv6 Tunnel Broker Forums

General IPv6 Topics => IPv6 Basics & Questions & General Chatter => Topic started by: dfrandin on August 25, 2014, 08:40:35 AM

Title: New to Ipv6..
Post by: dfrandin on August 25, 2014, 08:40:35 AM
I'm trying to get the services I have running on an Ubuntu/Xen virtual server accessable by ipv6. The services are several wordpress sites and a shoutcast stream. The virtual server vendor claims to have full ipv6 support, and there is an ipv6 address in the vendor's prefix assigned to my virtual server, along with the assigned v4 address. I have an AAAA record in the dns for the hostname I want for the server. Its configured as "". If I ping6, I see the correct ipv6 address, but I get no response from the server, nor can I ssh to the to server. On v4, I have the server firewalled to allow only icmp/ping/pong, ssh, shoutcast and http. on v6, I have not messed with ip6tables, so I'm assuming I'm wide open for ipv6.. My puzzlement is the fact I can't access the server via v6, and I've exhausted my meager knowledge of v6.. As far as I know, the vm host does not have a firewall covering the shared nodes on ipv6, I KNOW they don't for ipv4.. Anybody have any ideas? I'm fresh out...
Title: Re: New to Ipv6..
Post by: cholzhauer on August 25, 2014, 09:36:29 AM
If you provide us with the actual domain we can do some testing/discovery and see if we can replicate your findings.
Title: Re: New to Ipv6..
Post by: snarked on August 25, 2014, 11:26:16 AM
Although I know of no Linux distribution that comes with IPv6 firewall rules installed, your assumption that there are none is dangerous.  You should confirm that there are none with a simple "ip6tables -L" command.  Most exploits are over IPv4, but there are some which will use IPv6, so even if there are no firewall rules, you should add some as soon as you resolve your other problems.
Title: Re: New to Ipv6..
Post by: dfrandin on August 25, 2014, 02:06:58 PM
Thanks for the replies!

I did an ip6tables -L and there are no rules entered.. The actual domain is I run a shoutcast station on this system plus  the station's wordpress website, and since I'm trying to learn ipv6, I figured it would be a good learning excuse to allow ipv6 access to the website/station. I have the dns for the domain at and the dns screen on their website for the domain shows I have an AAAA record for with address 2604:c00:a:2:0:1:c0ab:61ed listed.. This is the v6 address I see when I do an ifconfig on the virtual server

inet6 addr: 2604:c00:a:2:0:1:c0ab:61ed/64 Scope:Global

Based on this, I'd suspect a firewall blocking all inbound traffic, since I cannot ping, ssh, grab the shoutcast stream or website at that address.... The only other thing I can think of is this virtual server has two bound interfaces (eth0 and eth0:0). Both have a v4 address, but eth0 is the only interface with a v6 address. The other interface/v4 address is configured in Apache to serve another website for a club I belong to.

Color me puzzled...

Title: Re: New to Ipv6..
Post by: kriteknetworks on August 26, 2014, 04:35:27 AM
Not directly related but when did shoutcast add ipv6 support? I dumped shoutcast 10+ years ago for lack of ipv6 support, not to mention the closed source/lack of ogg etc support.
Title: Re: New to Ipv6..
Post by: dfrandin on August 26, 2014, 09:07:19 AM
Hmm.. I hadn't thought about that.. Dunno if it does have v6 support.. I rebuilt the server last year and upgraded to the latest version of sc_serv and sc_trans available. Of course, at the time I didn't think about ipv6.. I didn't get "on the ipv6 bandwagon" until I bought a new router for the house, and put Tomato firmware on it and realized it not only supported ipv6 but also the tunnelbroker tunnels.. I'd tried setting up a tunnel with my old router and a Linux host to handle the tunnel endpoint, but had lots of problems, so until I got the new router, I'd forgotten about v6.. Since I needed a "project" to learn more about v6, I decided to try and add it to my shoutcast station and its website.. Since DNS seems to know the correct v6 address for "", I'm thinking there is something amiss with the way v6 is configured on the virtual server.. Perhaps a ticket to the vendor is in my future...