Я только что развернул новый сервер под управлением Ubuntu 18.04, однако он не отвечает ни на какие службы по IPv6. Он должен поддерживать SSH и Nginx через IPv6, но время ожидания обоих подключений. Я дважды проверил AAAA записи существуют, действительны и верны на стороне DNS. Я также проверил, что сервер настроен на прослушивание IPv6 как для SSH, так и для Nginx, и ничего не должно блокировать его. Но я не понимаю, что может быть виноватым.
Сервер подключается через IPv4 нормально, и он не является локальным для устройства, пытающегося подключиться, поскольку различные устройства в разных сетях, а также несколько сайтов тестирования подключения IPv6 сообщают об отсутствии подключения по IPv6.
РЕДАКТИРОВАТЬ: сервер должен быть доступен через mystral.xyz (просто покажет экран приветствия / по умолчанию Nginx) и 2a01:4f9:c010:5335::/64
netstat -tlnp
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 19582/nginx: master
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 27152/mysqld
tcp 0 0 127.0.0.1:587 0.0.0.0:* LISTEN 6532/sendmail: MTA:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 19582/nginx: master
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN 555/systemd-resolve
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1135/sshd
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 6532/sendmail: MTA:
tcp6 0 0 :::443 :::* LISTEN 19582/nginx: master
tcp6 0 0 :::80 :::* LISTEN 19582/nginx: master
tcp6 0 0 :::22 :::* LISTEN 1135/sshd
ufw статус
Status: active
To Action From
-- ------ ----
22/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
80/tcp ALLOW Anywhere
22/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
ip6tables -L
Chain INPUT (policy DROP)
target prot opt source destination
ufw6-before-logging-input all anywhere anywhere
ufw6-before-input all anywhere anywhere
ufw6-after-input all anywhere anywhere
ufw6-after-logging-input all anywhere anywhere
ufw6-reject-input all anywhere anywhere
ufw6-track-input all anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ufw6-before-logging-forward all anywhere anywhere
ufw6-before-forward all anywhere anywhere
ufw6-after-forward all anywhere anywhere
ufw6-after-logging-forward all anywhere anywhere
ufw6-reject-forward all anywhere anywhere
ufw6-track-forward all anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw6-before-logging-output all anywhere anywhere
ufw6-before-output all anywhere anywhere
ufw6-after-output all anywhere anywhere
ufw6-after-logging-output all anywhere anywhere
ufw6-reject-output all anywhere anywhere
ufw6-track-output all anywhere anywhere
Chain ufw6-after-forward (1 references)
target prot opt source destination
Chain ufw6-after-input (1 references)
target prot opt source destination
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:netbios-ns
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:netbios-dgm
ufw6-skip-to-policy-input tcp anywhere anywhere tcp dpt:netbios-ssn
ufw6-skip-to-policy-input tcp anywhere anywhere tcp dpt:microsoft-ds
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:dhcpv6-client
ufw6-skip-to-policy-input udp anywhere anywhere udp dpt:dhcpv6-server
Chain ufw6-after-logging-forward (1 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-after-logging-input (1 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-after-logging-output (1 references)
target prot opt source destination
Chain ufw6-after-output (1 references)
target prot opt source destination
Chain ufw6-before-forward (1 references)
target prot opt source destination
DROP all anywhere anywhere rt type:0
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-reply
ufw6-user-forward all anywhere anywhere
Chain ufw6-before-input (1 references)
target prot opt source destination
ACCEPT all anywhere anywhere
DROP all anywhere anywhere rt type:0
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-reply
ufw6-logging-deny all anywhere anywhere ctstate INVALID
DROP all anywhere anywhere ctstate INVALID
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 141 HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 142 HL match HL == 255
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 130
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 131
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 132
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 143
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 148 HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 149 HL match HL == 255
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 144
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 145
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 146
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 147
ACCEPT udp fe80::/10 fe80::/10 udp spt:dhcpv6-server dpt:dhcpv6-client
ACCEPT udp anywhere ff02::fb udp dpt:mdns
ACCEPT udp anywhere ff02::f udp dpt:1900
ufw6-user-input all anywhere anywhere
Chain ufw6-before-logging-forward (1 references)
target prot opt source destination
Chain ufw6-before-logging-input (1 references)
target prot opt source destination
Chain ufw6-before-logging-output (1 references)
target prot opt source destination
Chain ufw6-before-output (1 references)
target prot opt source destination
ACCEPT all anywhere anywhere
DROP all anywhere anywhere rt type:0
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp destination-unreachable
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp packet-too-big
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp time-exceeded
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp parameter-problem
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-request
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp echo-reply
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-advertisement HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp neighbour-solicitation HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmp router-advertisement HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 141 HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 142 HL match HL == 255
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 130
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 131
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 132
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 143
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 148 HL match HL == 255
ACCEPT ipv6-icmp anywhere anywhere ipv6-icmptype 149 HL match HL == 255
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 151 HL match HL == 1
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 152 HL match HL == 1
ACCEPT ipv6-icmp fe80::/10 anywhere ipv6-icmptype 153 HL match HL == 1
ufw6-user-output all anywhere anywhere
Chain ufw6-logging-allow (0 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW ALLOW] "
Chain ufw6-logging-deny (1 references)
target prot opt source destination
RETURN all anywhere anywhere ctstate INVALID limit: avg 3/min burst 10
LOG all anywhere anywhere limit: avg 3/min burst 10 LOG level warning prefix "[UFW BLOCK] "
Chain ufw6-reject-forward (1 references)
target prot opt source destination
Chain ufw6-reject-input (1 references)
target prot opt source destination
Chain ufw6-reject-output (1 references)
target prot opt source destination
Chain ufw6-skip-to-policy-forward (0 references)
target prot opt source destination
DROP all anywhere anywhere
Chain ufw6-skip-to-policy-input (6 references)
target prot opt source destination
DROP all anywhere anywhere
Chain ufw6-skip-to-policy-output (0 references)
target prot opt source destination
ACCEPT all anywhere anywhere
Chain ufw6-track-forward (1 references)
target prot opt source destination
Chain ufw6-track-input (1 references)
target prot opt source destination
Chain ufw6-track-output (1 references)
target prot opt source destination
ACCEPT tcp anywhere anywhere ctstate NEW
ACCEPT udp anywhere anywhere ctstate NEW
Chain ufw6-user-forward (1 references)
target prot opt source destination
Chain ufw6-user-input (1 references)
target prot opt source destination
ACCEPT tcp anywhere anywhere tcp dpt:ssh
ACCEPT tcp anywhere anywhere tcp dpt:https
ACCEPT tcp anywhere anywhere tcp dpt:http
Chain ufw6-user-limit (0 references)
target prot opt source destination
LOG all anywhere anywhere limit: avg 3/min burst 5 LOG level warning prefix "[UFW LIMIT BLOCK] "
REJECT all anywhere anywhere reject-with icmp6-port-unreachable
Chain ufw6-user-limit-accept (0 references)
target prot opt source destination
ACCEPT all anywhere anywhere
Chain ufw6-user-logging-forward (0 references)
target prot opt source destination
Chain ufw6-user-logging-input (0 references)
target prot opt source destination
Chain ufw6-user-logging-output (0 references)
target prot opt source destination
Chain ufw6-user-output (1 references)
target prot opt source destination
ip -6 а
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN qlen 1000
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 2a01:4f9:c010:5335::1/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::9400:ff:fe37:30e0/64 scope link
valid_lft forever preferred_lft forever
Адрес на интерфейсе 2a01:4f9:c010:5335::1/64не 2a01:4f9:c010:5335::/64. Вы неправильно настроили DNS для сети, но не для хоста.
Согласно вашему комментарию, изменение DNS на хост устранило проблему.