| Author |
Message |
Finglor
Joined: 26 Dec 2011
Posts: 5
|
| Posted: Tue Jan 31, 2012 12:39 pm Post subject: NGINX ipv6 |
|
|
Hello,
I'm trying to enable ipv6 on nginx but when i change my listen directive and reboot the linode I can no longer access my website.
Here is my conf file
Code:
server {
listen [::]:80;
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
#index index.html index.htm;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location /nginx_status {
stub_status on;
access_log off;
#uncomment and add an ip address if you want to block access to status page
#allow SOME.IP.ADD.RESS;
#deny all;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
server {
listen [::]:443 ssl;
ssl_certificate /srv/ssl/shadowytree.com.crt;
ssl_certificate_key /srv/ssl/shadowytree.com.key;
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
keepalive_timeout 70;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
If I removed the [::] parts everything works again. nginx is configured with ipv6 when I check it with nginx -V.
What am I missing? |
|
| Back to top |
|
lakridserne
Joined: 31 Jan 2012
Posts: 8
|
| Posted: Tue Jan 31, 2012 12:45 pm Post subject: |
|
|
| You run it on IPv6 only. Are you sure you are capable of running IPv6? What about making it so it both accept IPv4 and IPv6? |
|
| Back to top |
|
dwfreed
Joined: 29 Aug 2011
Posts: 11
|
| Posted: Tue Jan 31, 2012 12:51 pm Post subject: |
|
|
| Do you have an IPv6 address brought up on your Linode? Looking at the DNS for shadowytree.com, there are no AAAA records, so you probably forgot to bring up an IPv6 address. (Now, in theory, this shouldn't be an issue, but who knows?) Also, re-add the [::] bits to your config, start nginx, and paste the output of 'netstat -tnap' |
|
| Back to top |
|
dwfreed
Joined: 29 Aug 2011
Posts: 11
|
| Posted: Tue Jan 31, 2012 12:52 pm Post subject: |
|
|
lakridserne wrote: You run it on IPv6 only. Are you sure you are capable of running IPv6? What about making it so it both accept IPv4 and IPv6?
That's not an issue; the Linux kernel by default binds sockets in such a way that IPv6 sockets listening on the any address ([::]) will also receive IPv4 traffic, with the source set to an IPv4-mapped IPv6 address. |
|
| Back to top |
|
Finglor
Joined: 26 Dec 2011
Posts: 5
|
| Posted: Tue Jan 31, 2012 1:05 pm Post subject: |
|
|
This is what I get from tnap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1811/php5-cgi
tcp 0 0 0.0.0.0:58313 0.0.0.0:* LISTEN 1527/rpc.statd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 2158/mysqld
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN 1515/portmap
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1819/sshd
tcp 0 52 72.14.186.145:22 99.232.114.108:55272 ESTABLISHED 2344/0
tcp6 0 0 :::22 :::* LISTEN 1819/sshd
I have a ipv6 address set in dns manager and it is 2600:3c00::f03c:91ff:fedf:81a6
I created a recored with my domain name there too. |
|
| Back to top |
|
dwfreed
Joined: 29 Aug 2011
Posts: 11
|
| Posted: Tue Jan 31, 2012 1:09 pm Post subject: |
|
|
| Seems nginx didn't start; you should look at /srv/www/shadowytree.com/logs/error.log and /var/log/nginx/error_log to see what went wrong (and paste them so we all can see) |
|
| Back to top |
|
Finglor
Joined: 26 Dec 2011
Posts: 5
|
| Posted: Tue Jan 31, 2012 1:13 pm Post subject: |
|
|
var/log/nginx/error_log
2012/01/31 13:11:58 [emerg] 2278#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2012/01/31 13:11:58 [emerg] 2278#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2012/01/31 13:11:58 [emerg] 2278#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2012/01/31 13:11:58 [emerg] 2278#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2012/01/31 13:11:58 [emerg] 2278#0: bind() to 0.0.0.0:80 failed (98: Address already in use)
2012/01/31 13:11:58 [emerg] 2278#0: still could not bind()
Nothing in shadowytree.com/logs/error.log |
|
| Back to top |
|
dwfreed
Joined: 29 Aug 2011
Posts: 11
|
| Posted: Tue Jan 31, 2012 1:23 pm Post subject: |
|
|
| Looks like too many things are trying to start nginx at the same time. Try '/etc/init.d/nginx start' and take a look at your error log |
|
| Back to top |
|
Finglor
Joined: 26 Dec 2011
Posts: 5
|
| Posted: Tue Jan 31, 2012 1:26 pm Post subject: |
|
|
The following conf file seems to work.
Code:
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
#index index.html index.htm;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location /nginx_status {
stub_status on;
access_log off;
#uncomment and add an ip address if you want to block access to status page
#allow SOME.IP.ADD.RESS;
#deny all;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
server {
listen 443 ssl;
listen [::]:443 default ipv6only=on;
ssl_certificate /srv/ssl/shadowytree.com.crt;
ssl_certificate_key /srv/ssl/shadowytree.com.key;
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
keepalive_timeout 70;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
Will try and see nginx start and see what error message I get. |
|
| Back to top |
|
lakridserne
Joined: 31 Jan 2012
Posts: 8
|
| Posted: Tue Jan 31, 2012 2:36 pm Post subject: |
|
|
dwfreed wrote: lakridserne wrote: You run it on IPv6 only. Are you sure you are capable of running IPv6? What about making it so it both accept IPv4 and IPv6?
That's not an issue; the Linux kernel by default binds sockets in such a way that IPv6 sockets listening on the any address ([::]) will also receive IPv4 traffic, with the source set to an IPv4-mapped IPv6 address.
Oh I wasn't aware of that. |
|
| Back to top |
|
wills
Joined: 25 Feb 2012
Posts: 4
|
| Posted: Sat Feb 25, 2012 4:58 am Post subject: Re: NGINX ipv6 |
|
|
Finglor wrote: Hello,
I'm trying to enable ipv6 on nginx but when i change my listen directive and reboot the linode I can no longer access my website.
Here is my conf file
Code:
server {
listen [::]:80;
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
#index index.html index.htm;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location /nginx_status {
stub_status on;
access_log off;
#uncomment and add an ip address if you want to block access to status page
#allow SOME.IP.ADD.RESS;
#deny all;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
server {
listen [::]:443 ssl;
ssl_certificate /srv/ssl/shadowytree.com.crt;
ssl_certificate_key /srv/ssl/shadowytree.com.key;
server_name www.shadowytree.com shadowytree.com;
#access_log /srv/www/shadowytree.com/logs/access.log;
error_log /srv/www/shadowytree.com/logs/error.log;
keepalive_timeout 70;
location / {
root /srv/www/shadowytree.com/public_html;
index index.html index.htm index.php;
}
location ~ \.php$ {
include /etc/nginx/fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /srv/www/shadowytree.com/public_html$fastcgi_script_name;
}
}
If I removed the [::] parts everything works again. nginx is configured with ipv6 when I check it with nginx -V.
What am I missing?
I know this seems dumb, but were you listening on 80/443 before the migration? |
|
| Back to top |
|
pclissold
Joined: 24 Oct 2003
Posts: 877
Location: Netherlands
|
| Posted: Sat Feb 25, 2012 5:43 am Post subject: |
|
|
| I know this seems dumb, but why are you putting the spam in the quote, instead of in your sig? |
|
| Back to top |
|
wills
Joined: 25 Feb 2012
Posts: 4
|
| Posted: Sat Feb 25, 2012 9:50 am Post subject: Buuuusted. |
|
|
I thought it would be less intrusive... DOH!
Hey, at least my English is nothing shy of perfect. :)
Do you want me to change it? |
|
| Back to top |
|
| |
