No server response over IPv6 with NGINX

Callumpy asked:

I decided I would give IPv6 a go for my website, but I am having issues getting my server to respond to requests via IPv6.

I have already set up an AAAA record and have had a good go at configuring NGINX to respond to requests. My server is running NGINX on CentOS 6.4.

Here is what the top part of my config looks like:

    listen      443 ssl;
    listen      [::]:443 ssl;
    server_name  *;
    access_log off;

    ssl on;
    ssl_certificate /etc/nginx/conf/ssl-unified.crt;
    ssl_certificate_key /etc/nginx/conf/ssl.key;

When I run ‘netstat -nlp | grep nginx’ I get the following result, as if it is actually listening:

tcp        0      0 :::443     :::*                        LISTEN      14463/nginx

I’ve tried quite a few sites that test IPv6 connectivity, like this one and this one, but they all report back as being able to ping the address but get no server response.

All help is highly appreciated, thank you!

My answer:

You have a firewall issue. I do have IPv6, and when I try to wget your site:

Connecting to **domain** (**domain**)|**IPv6 Address**|:80... failed: Permission denied.

The same for HTTPS:

Connecting to **domain** (**domain**)|**IPv6 Address**|:443... failed: Permission denied.

Likely you only have these open in your IPv4 firewall and not in your IPv6 firewall.

How you fix this depends on your operating system, what web control panels you use, if any, etc. If you’re just using CentOS without any control panels you can use the system-config-network-tui command line tool to configure your firewall and it will correctly open the ports for IPv4 and IPv6.

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.