search

NixOS / hydra

Hydra, the Nix-based continuous build system
http://nixos.org/hydra
GNU General Public License v3.0
1.17k stars 300 forks source link

hydra.nixos.org broken over ipv6 #1302

Closed j-baker closed 1 year ago

j-baker commented 1 year ago

Describe the bug

My company uses the Cloudflare WARP Zero Trust VPN. This is a fairly typical MITM corporate VPN. This VPN prefers IPv6 over v4 if both are present. As observed by me, hydra.nixos.org has an A record of 5.9.122.43 which works fine. It also has an AAAA record of 2a01:4f8:162:71eb:: which does not appear to have a webserver hosted on it on port 80 or 443. The VPN then serves an error response.

While my company's IT org has been great and hardcoded that the VPN should prefer IPv4 for this domain, it feels like a bug that hydra.nixos.org publishes an IPv6 record for a computer with no HTTP server running. To my knowledge there is no requirement that a client which supports both IPv4 and v6 should prefer to use IPv4 for any connection, though this is apparently conventional.

Expected behavior

AAAA record either leads to standard content of hydra.nixos.org or is not present.

Additional context

Arguably not the right place to report, but not sure of a better place.

cole-h commented 1 year ago

Arguably not the right place to report, but not sure of a better place.

That would be over at https://github.com/NixOS/nixos-org-configurations. This looks related, but is from ~a year ago and was ostensibly fixed: https://github.com/NixOS/nixos-org-configurations/issues/221.

(I'd move it myself, but I don't have the permissions to do so, sorry! If you wouldn't mind reopening this over there, that would be great!)

j-baker commented 1 year ago

I filed https://github.com/NixOS/nixos-org-configurations/issues/284! Thanks for the fast response.