Show Posts
1
21.1 Legacy Series / NGINX reverse proxy and IPv6
« on: March 18, 2021, 10:31:51 pm »
Hi,
I have configured a nginx reverse proxy configured with a couple of websites running on VMs inside my network. I use IPv4 and IPv6.
Things are pretty simple, I have a domain name and LetsEncryt wilcard certificate, and I use the reverse to access them.
I configured my Upstreams, Upstream servers, Locations, and HTTP servers. Added a WAN rule (picture)
Everything works.. kind of
My problem is the following :
When I access my sites from the LAN, using the domain name (so it uses the WAN address), it works :
When I access my sites from the outside, it works... as long as I use IPv4 ! Switching to IPv6 it just hangs a while, then throws the errors (same behaviour for http or https, but different messages)...
And can't find anything related in the logs.
The cherry on the top : it works Ok when I disable completely the firewall (Firewall/Settings/Advanced/Disable Firewall).
What am I missing here ?
I have configured a nginx reverse proxy configured with a couple of websites running on VMs inside my network. I use IPv4 and IPv6.
Things are pretty simple, I have a domain name and LetsEncryt wilcard certificate, and I use the reverse to access them.
I configured my Upstreams, Upstream servers, Locations, and HTTP servers. Added a WAN rule (picture)
Everything works.. kind of
My problem is the following :
When I access my sites from the LAN, using the domain name (so it uses the WAN address), it works :
Code: [Select]
# curl -4 -I "https://centreon.domain.com"
HTTP/2 302
server: nginx
date: Thu, 18 Mar 2021 20:57:53 GMT
content-type: text/html; charset=iso-8859-1
location: http://centreon.domain.com/centreonCode: [Select]
# curl -6 -I "https://centreon.domain.com"
HTTP/2 302
server: nginx
date: Thu, 18 Mar 2021 20:58:02 GMT
content-type: text/html; charset=iso-8859-1
location: http://centreon.domain.com/centreonWhen I access my sites from the outside, it works... as long as I use IPv4 ! Switching to IPv6 it just hangs a while, then throws the errors (same behaviour for http or https, but different messages)...
Code: [Select]
# curl -4 -I "https://centreon.domain.com"
HTTP/2 302
server: nginx
date: Thu, 18 Mar 2021 20:56:21 GMT
content-type: text/html; charset=iso-8859-1
location: http://centreon.domain.com/centreonCode: [Select]
# curl -6 -I "https://centreon.domain.com"
curl: (35) LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to centreon.domain.com:443Code: [Select]
# curl -4 -I "http://ocsp.domain.com"
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 18 Mar 2021 21:16:37 GMT
Content-Type: application/ocsp-response
Content-Length: 5
Connection: keep-aliveCode: [Select]
# curl -6 -I "http://ocsp.domain.com"
curl: (56) Recv failure: Connection reset by peerAnd can't find anything related in the logs.
The cherry on the top : it works Ok when I disable completely the firewall (Firewall/Settings/Advanced/Disable Firewall).
What am I missing here ?