#26 2013-10-16 13:15:42

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

so how should it be configured?

I am a bit confused. only AAAA should be orange cloud?


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#27 2013-10-16 15:07:15

mikho
Low End Mod
From: Hell and gore == Sweden
Registered: 2013-03-02
Posts: 1,181
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

conta wrote:

so how should it be configured?

I am a bit confused. only AAAA should be orange cloud?

Follow the guide step by step and you should be fine.

Offline

#28 2013-10-17 02:34:14

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

I followed but there is probably something wrong with my setup.

for test I took domain from TK - getles.tk and set custom dns as was in guide. I also configured my nginx to listen to my first ipv6 (same like in cloudflare), but when I go to getles.tk, i see empty website, not test file that I put into my nginx folder.

my config in /etc/nginx/conf.d/default.conf

server {
    listen [2a02:29e0:1:278:1234:1234:6d6:a0e6]:80 default ipv6only=on;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

so I put my files to /usr/share/nginx/html

[email protected]:~$ sudo netstat -nlp | grep nginx
tcp6       0      0 2a02:29e0:1:278:1234:80 :::*                    LISTEN      5313/nginx.conf

I don't know where could the mistake be. i installed nginx from their repo.. it's static pages - i dont know if i should install something else, not sure how I could test whether nginx is working (see localhost in browser - i tried links but when I go to http://localhost it says connection refused)

any ideas welcome ;]


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#29 2013-10-17 05:15:20

mikho
Low End Mod
From: Hell and gore == Sweden
Registered: 2013-03-02
Posts: 1,181
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Add your .tk domain name to the "server_name" option in your conf and restart nginx.

Let me know the results.

Offline

#30 2013-10-17 06:12:47

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

it's still the same ;/

when I ping my domain and check whois on th ip, it is cloudflares ip, so I think something got to be wrong on my side.

Last edited by conta (2013-10-17 06:15:40)


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#31 2013-10-17 07:14:25

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Try like this:

default config:

server {
    listen [::]:80 default_server ipv6only=on;
    server_name  localhost;
    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

then add new config "getles.tk.conf" for your domain in /etc/nginx/sites_enabled and put this in it:

server {
    listen [2a02:29e0:1:278:1234:1234:6d6:a0e6]:80;
    server_name  getles.tk;
    #charset koi8-r;
    #access_log  /var/log/nginx/log/host.access.log  main;
    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

Offline

#32 2013-10-17 07:28:53

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

sites_enabled is not there, so I created it.

i also edited files as 5n1p recommended, but no change at all ;/


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#33 2013-10-17 07:55:46

Backtogeek
Low End Boss
From: ~/
Registered: 2013-02-13
Posts: 3,210
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Well, does it work if you just point the AAAA or A6 record directly at the IPv6 address instead of going via cloudflare?


http://LittleHappyCloud.net KVM VPS with 1TB Bandwidth for €3.00

Offline

#34 2013-10-17 09:12:43

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Backtogeek wrote:

Well, does it work if you just point the AAAA or A6 record directly at the IPv6 address instead of going via cloudflare?

not sure what you mean / how to do this.


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#35 2013-10-17 09:20:14

Backtogeek
Low End Boss
From: ~/
Registered: 2013-02-13
Posts: 3,210
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Well what I mean is, forget cloudflare for now lets make sure your site works properly over IPv4 first.

Point your AAAA record for getles.tk to 2a02:29e0:1:278:1234:1234:6d6:a0e6

This would be don't within your DNS management panel, you may need to stop using cloudflares nameservers first.


http://LittleHappyCloud.net KVM VPS with 1TB Bandwidth for €3.00

Offline

#36 2013-10-17 09:23:17

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

I have tried to visit your domain, are you sure all permissions are set to www-data user?
Could you move your files from /usr/share/nginx/html to /var/www then chown all files to www-data user and change root folder in your /etc/nginx/sites_enabled/getles.tk.conf to /var/www.

Offline

#37 2013-10-17 09:54:54

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

5n1p wrote:

I have tried to visit your domain, are you sure all permissions are set to www-data user?
Could you move your files from /usr/share/nginx/html to /var/www then chown all files to www-data user and change root folder in your /etc/nginx/sites_enabled/getles.tk.conf to /var/www.

so I did

sudo adduser <username> www-data
sudo chown -R www-data:www-data /var/www
sudo chmod -R g+rw /var/www

and other steps you mentioned, can you check again? I dont see any change.


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#38 2013-10-17 10:10:21

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

No change here, well something is not configured as it should be, have you purged cache in cloudflare? Also try what Anthony said, stop cloudflare first and and set AAAA record for your domain to point to vps. When you set everything without cloudflare and it works, then go to cloud flare and activate it.

Ok now i have tried proxy for your site and entered your IPv6 and it works:

http://www.ipv6proxy.net/

but when I enter your domain its not working.

Offline

#39 2013-10-17 10:20:17

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

5n1p wrote:

Ok now i have tried proxy for your site and entered your IPv6 and it works:

http://www.ipv6proxy.net/

but when I enter your domain its not working.

http://www.ipv6proxy.net/go.php?u=http%3A%2F%2F[2a02%3A29e0%3A1%3A278%3A1234%3A1234%3A6d6%3Aa0e6]&b=0&f=norefer

now I can see file in /usr/share/nginx/html


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#40 2013-10-17 10:25:20

5n1p
Trusted Member
Registered: 2013-04-02
Posts: 235
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Have you restated nginx after all this changes? You should see file in /var/www

Offline

#41 2013-10-17 10:36:18

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

yes, I did.

seems like config in /etc/nginx/sites_enabled/getles.tk.conf  doesn't work (that's the reason why I needed to create that dir, probably)

when I edit default.conf  to point to /var/www I can see what's in there

Last edited by conta (2013-10-17 10:36:49)


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#42 2013-10-17 10:40:22

wlucha
Trusted Member
Registered: 2013-10-17
Posts: 6

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

I'm getting an 1000 error.


I configured the webserver (nginx) for ipv6 (listen [::]:80)  and in cloudflare I made an AAAA Record pointed to one of the ipv6 VPS IP's and a cname with www.
and I changed to full ipv6.


any solution?
Edit: website is http://lucha.tk

Last edited by wlucha (2013-10-17 10:55:38)

Offline

#43 2013-10-17 11:05:29

CSa
Trusted Member
Registered: 2013-10-06
Posts: 131

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

wlucha wrote:

I'm getting an 1000 error.


I configured the webserver (nginx) for ipv6 (listen [::]:80)  and in cloudflare I made an AAAA Record pointed to one of the ipv6 VPS IP's and a cname with www.
and I changed to full ipv6.


any solution?
Edit: website is http://lucha.tk

Looks like you used A instead of AAAA.


What's this? Torn: Soon to become the best blogging platform ever created!

Offline

#44 2013-10-17 11:08:59

mikeyur
Trusted Member
From: Canadia, eh
Registered: 2013-09-15
Posts: 34

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Just a thought: Do you have A records also set in addition to the AAAA? If you're using the Cloudflare reverse proxy, you don't need (and don't want) an A record as it's likely defaulting to that (which may not be setup in your nginx config or in the LES HA Proxy setup).

The LES box I set this up on only has 1 site on it, so I just left it to listen to anything coming in over port 80 and it still works great.

Offline

#45 2013-10-17 11:19:56

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

mikeyur wrote:

Just a thought: Do you have A records also set in addition to the AAAA? If you're using the Cloudflare reverse proxy, you don't need (and don't want) an A record as it's likely defaulting to that (which may not be setup in your nginx config or in the LES HA Proxy setup).

The LES box I set this up on only has 1 site on it, so I just left it to listen to anything coming in over port 80 and it still works great.

If you are asking me, cloudflare shows 2 A, 1AAAA and 1 CNAME as active. I will disable A, wait and see


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#46 2013-10-17 11:22:37

mikeyur
Trusted Member
From: Canadia, eh
Registered: 2013-09-15
Posts: 34

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

Just disable any active A records for the domain you're trying to get online and only have a AAAA for it. I originally setup my box to have a AAAA record for a new subdomain - so it didn't have any additional records attached already, but if you're setting up the root domain it may already have some A records that got pulled in when you turned on Cloudflare (parking pages, last server used, etc)

Offline

#47 2013-10-17 11:25:30

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

mikeyur wrote:

Just disable any active A records for the domain you're trying to get online and only have a AAAA for it. I originally setup my box to have a AAAA record for a new subdomain - so it didn't have any additional records attached already, but if you're setting up the root domain it may already have some A records that got pulled in when you turned on Cloudflare (parking pages, last server used, etc)

how about CNAME?

http://freedns.afraid.org/ I wonder I might try this one?


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#48 2013-10-17 11:38:27

mikeyur
Trusted Member
From: Canadia, eh
Registered: 2013-09-15
Posts: 34

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

To do any of this stuff you need to have a basic understanding of DNS.

An 'A' record is a pointer for your domain to an IPv4 address. A 'AAAA' (quad-A) is for IPv6.

The way the reverse proxy works with Cloudflare, they're sitting in front of your server and when someone goes to them looking for your domain, they go to your server and pull it up for the user. They proxy your IP to show it to the user on their (cloudflare's) IP.

So the way their IPv6 proxy works is: Someone requests your site in their browser and they don't have IPv6, Cloudflare makes the IPv6 request for them and shows it on an IPv4 address.

If you have an IPv4 A record - it'll default to making that request if someone requests IPv4. If you just have the IPv6 AAAA record, it'll 'translate' that (reverse proxy) and show it to folks on both IPv4 and IPv6.

If your site is 'SiteXYZ.com' and you want to set this up. All you want for the hostname 'SiteXYZ.com' on Cloudflare is a single AAAA record. You want to delete an A record for hostname.

A CNAME (canonical name record) is a completely different ballgame. I'm not going to explain it all here (look it up on wikipedia), but we don't want a CNAME with this setup right now. You just want a AAAA record pointing from the hostname (your domain) to the server IPv6 address.

Offline

#49 2013-10-17 11:58:18

conta
Trusted Member
From: Earth
Registered: 2013-10-13
Posts: 127
Website

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

mikeyur wrote:

To do any of this stuff you need to have a basic understanding of DNS.

An 'A' record is a pointer for your domain to an IPv4 address. A 'AAAA' (quad-A) is for IPv6.

The way the reverse proxy works with Cloudflare, they're sitting in front of your server and when someone goes to them looking for your domain, they go to your server and pull it up for the user. They proxy your IP to show it to the user on their (cloudflare's) IP.

So the way their IPv6 proxy works is: Someone requests your site in their browser and they don't have IPv6, Cloudflare makes the IPv6 request for them and shows it on an IPv4 address.

If you have an IPv4 A record - it'll default to making that request if someone requests IPv4. If you just have the IPv6 AAAA record, it'll 'translate' that (reverse proxy) and show it to folks on both IPv4 and IPv6.

If your site is 'SiteXYZ.com' and you want to set this up. All you want for the hostname 'SiteXYZ.com' on Cloudflare is a single AAAA record. You want to delete an A record for hostname.

A CNAME (canonical name record) is a completely different ballgame. I'm not going to explain it all here (look it up on wikipedia), but we don't want a CNAME with this setup right now. You just want a AAAA record pointing from the hostname (your domain) to the server IPv6 address.

sure, I studied what it means before trying anything. but when doing something, i am pretty much not sure whether what I do is right or not ;]

I thought maybe A records are needed for people who are on ipv4 network or so.


http://getLES.tk newbie guide for LowEndSpirit VPS
https://DiscoverBSD.com blogging about BSD operating systems
https://BSDSec.net deadsimple BSD Security Advisories and Announcements

Offline

#50 2013-10-17 12:03:52

mikeyur
Trusted Member
From: Canadia, eh
Registered: 2013-09-15
Posts: 34

Re: Cloudflare's Free IPv6 -> IPv4 Proxy (aka how to stop bugging Anthony)

conta wrote:

I thought maybe A records are needed for people who are on ipv4 network or so.

They are, which is why we're using Cloudflare who is translating the IPv6 to IPv4 for us - and giving out their own A & AAAA records.

If I dig the A records on the subdomain for my LES box (with Cloudflare enabled) I get:

;; QUESTION SECTION:
;les.******.com.			IN	A

;; ANSWER SECTION:
les.******.com.		300	IN	A	108.162.198.83
les.******.com.		300	IN	A	108.162.199.83

If I dig the AAAA

;; QUESTION SECTION:
;les.******.com.			IN	AAAA

;; ANSWER SECTION:
les.******.com.		300	IN	AAAA	2400:cb00:2048:1::6ca2:c753
les.******.com.		300	IN	AAAA	2400:cb00:2048:1::6ca2:c653

None of those are the single IPv6 address I gave them as the AAAA record. Those are Cloudflare IPv4 & IPv6 addresses that are reverse proxying my single IPv6 address.

Offline

Board footer