DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 10th October 2015
22decembre 22decembre is offline
Port Guard
 
Join Date: Dec 2014
Posts: 40
Default ipv6 connectivity

Hello.

I have something really weird currently. Some issues with ipv6 connectivity to my openbsd server :

- ssh -6 connection are extremely slow to establish.
- httpd does not listen on inet6

I have no idea why ! I obviously made running them on verbose mode.

Ssh -6 is just slow (takes minutes to establish, the hang happens at the time presenting keys). Whereas ssh -4 is almost immediate.

httpd simply does not notice (apparently) there are ipv6 address to listen to.

The weird thing is that ping(6) is not affected, nor the ipv6 connectivity through the server (has it serves as a virtual router).

Do someone has a suggestion, where to start to investigate ? What should I show you either ?
Reply With Quote
  #2   (View Single Post)  
Old 10th October 2015
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 6,241
Default

I'm going to take a wild guess that Reverse DNS is not provisioned properly for your IPv6 addresses. See FAQ 8.22.
Reply With Quote
  #3   (View Single Post)  
Old 11th October 2015
22decembre 22decembre is offline
Port Guard
 
Join Date: Dec 2014
Posts: 40
Default

Ok, thanks for the tricks to dns reverse. I will see.

What for httpd ?

Code:
stephane@blackblock:/home/stephane netstat -t -f inet |grep https
tcp          0      0  blackblock.https       latitude77.org.18057 ESTABLISHED
stephane@blackblock:/home/stephane netstat -t -f inet6 |grep https                                   
stephane@blackblock:/home/stephane
I don't see what forbids httpd to listen to inet6.

Code:
server "blackblock.22decembre.eu" {
        include "/etc/httpd.tls"

        root "/blackblock"
        directory index index.html

        log error blackblock-error.log
        log access blackblock-access.log

        location "/owncloud/"   { directory index index.php }
        location "/links/"      { directory index index.php }
        location "/wallabag/"   { directory index index.php }

        location "*.php" { fastcgi socket "/tmp/php.sock" }
}

server "blackblock.22decembre.eu" {
        listen on egress        port 80
        block return 301 "https://$SERVER_NAME$REQUEST_URI"
}
the include :

Code:
listen on re0 tls port 443

tls     key             "/etc/ssl/private/server.key"
tls     certificate     "/etc/ssl/server.crt"
tls     protocols       "TLSv1.2,TLSv1.1"

# common ciphers
tls     ciphers "AES256+EECDH:AES256+EDH"
Reply With Quote
  #4   (View Single Post)  
Old 11th October 2015
22decembre 22decembre is offline
Port Guard
 
Join Date: Dec 2014
Posts: 40
Default

Solved, I simply added

Code:
listen on *     port 80
listen on ::    port 80
and https counterpart everywhere.
Reply With Quote
Reply

Tags
ipv6

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
OpenBSD IPv6: 6rd with OpenBSD J65nko News 0 30th August 2013 05:32 AM
Connectivity Drop alpha202ej OpenBSD Security 1 19th April 2012 04:58 PM
With World IPv6 Launch, IPv6 on by default will be the new normal J65nko News 0 29th March 2012 07:59 PM
PPTP Server, no internet connectivity (routing between interfaces?) godfrank FreeBSD Ports and Packages 5 15th April 2009 04:44 PM
Asking about IPv6 address berlowin Off-Topic 2 9th July 2008 02:39 AM


All times are GMT. The time now is 02:47 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick