IPv6 to IPv4
Rhys Ferris
rhys.j.ferris at gmail.com
Mon Dec 16 17:44:47 UTC 2019
THANKS SO MUCH!
One of those things where I started with something someone else built
without fully understanding it. Learning as I go. Thanks again!
Rhys
On 12/16/19 12:36 AM, Sergey Kandaurov wrote:
>> On 16 Dec 2019, at 12:14, Rhys Ferris <rhys.j.ferris at gmail.com> wrote:
>>
>> hi, sorry for the extreme delay... i was lazy.
>> Here's what happens when I connect to my server on IPv6 (mind you, everything works fine if I remove the AAAA record):
>> 2019/12/15 22:53:44 [crit] 15662#15662: *2225 bind(<my server's IPv6 address here>) failed (97: Address family not supported by protocol) while connecting to upstream, client: <my desktop's IPv6 address here>, server: domain.net, request: "GET /sonarr/plugins/bower_components/bootstrap-select/bootstrap-select.min.js HTTP/2.0", upstream:
>> "http://192.168.136.135:8989/sonarr/plugins/bower_components/boots
>> trap-select/bootstrap-select.min.js"
>> , host: "domain.net", referrer: "https://domain.net/sonarr/"
>>
>> [...]
>>
>> The way I'm reading it is that it is trying to connect from IPv6 source interface to IPv4 destination interface, and well, that obviously doesn't work. Here's my configs
>> nginx.conf
>>
> Your analysis looks correct (see below).
>
>> [..]
>>
>> excerpt of domain.net.conf
>>
>>
>> ##Orgv2 Let's encrypt vhost - Non SSL
>> ##vhost_template_v: v1.0.2
>> ##author: elmerfdz
>>
>> ##
>> http://domain.net redirects to https://domain.net
>>
>> # include config/domain.net/http_server.conf;
>> upstream sonarr-upstream { server 192.168.136.135:8989; }
>> upstream radarr-upstream { server 192.168.136.135:7878; }
>> upstream tautulli-upstream { server 192.168.136.141:8181; }
>> upstream webmin-upstream { server 192.168.136.130:10000; }
>>
>> ## Serves
>> https://www.domain.net
>>
>> server {
>> listen 443 ssl http2; listen [::]:443 ssl http2;
>> server_name domain.net;
>> include /etc/nginx/config/domain.net/ssl.conf; #edit path to your certs
>> root /var/www/domain.net/html;
>> index index.php index.html index.htm index.nginx-debian.html;
>> location ~ /auth-(.*) { rewrite ^/auth-(.*) /api/?v1/auth&group=$1; } #Org Auth
>> error_page 400 401 403 404 405 408 500 502 503 504 /?error=$status; #error page
>> location / {try_files $uri $uri/ =404;}
>> include config/domain.net/phpblock.conf; #PHP Block
>> location /sonarr/ {
>> proxy_pass
>> http://sonarr-upstream
>> ;
>> include config/domain.net/proxy.conf;
>> error_page 400 401 403 404 405 408 500 502 503 504 /?error=$status; #error page
>> }
>> ssl_certificate /etc/letsencrypt/live/domain.net/fullchain.pem; # managed by Certbot
>> ssl_certificate_key /etc/letsencrypt/live/domain.net/privkey.pem; # managed by Certbot
>>
>>
>> And on the off chance you need it, heres proxy.conf
>>
>> client_max_body_size 10m;
>> client_body_buffer_size 128k;
>> proxy_bind $server_addr;
> Try removing this directive, that's likely the culprit.
> Your backend addresses are IPv4, while you're trying binding IPv6 ($server_addr),
> hence address family mismatch. That's not going to work.
>
--
Sent from Thunderbird on Ubuntu 19.04
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4452 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20191216/96708607/attachment.bin>
More information about the nginx
mailing list