Server not listening on IPv6

Our Let’s encrypt certificate failed to renew today. It was because the server is not responding on IPv6. For now we fixed it by removing the IPv6 entry from the DNS.

I guess this was working before, but I don’t really know. I’m not sure what to check here. Any pointers?

The firewall seems ok:

$ sudo ufw status
Status: active

To                         Action      From
--                         ------      ----
[...]        
80 (v6)                    ALLOW       Anywhere (v6)             
80/tcp (v6)                ALLOW       Anywhere (v6)             
443/tcp (v6)               ALLOW       Anywhere (v6)

But it’s only listening on IPv4:

$ ss -tulpn | grep -e 80 -e 443
tcp    LISTEN  0       128            0.0.0.0:80          0.0.0.0:*             
tcp    LISTEN  0       128            0.0.0.0:443         0.0.0.0:*   

Installs following Discourse official Standard Installation will work just fine on IPv6 provided the admin setup the DNS AAAA entry and the host machine has IPv6 connectivity. This is tested in the VPS offering for Digital Ocean constantly by our team.

Using other providers and install methods introduce many variables and we aren’t able to provide support to all possible combinations.

That said, can you share the output of docker ps ?

2 Likes

Sure thing:

$ sudo docker ps
CONTAINER ID   IMAGE                 COMMAND        CREATED        STATUS        PORTS                                      NAMES
15ceb9642e9b   local_discourse/app   "/sbin/boot"   3 months ago   Up 3 months   0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp   app

thank you!