search

mholt / caddy-dynamicdns

Caddy app that keeps your DNS records (A/AAAA) pointed at itself.
Apache License 2.0
250 stars 25 forks source link

IPv6 lookups fail with network is unreachable error #73

Closed skyblaster closed 2 months ago

skyblaster commented 2 months ago

I have IPv4 DDNS updates working successfully with Porkbun, however IPv6 lookups fail with a "network is unreachable" error.

{"level":"debug","ts":1725175026.3665743,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup","type":"IPv4","endpoint":"https://icanhazip.com","ip":"34.168.xxx.xxx"}
{"level":"debug","ts":1725175026.3687308,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup failed","type":"IPv6","endpoint":"https://icanhazip.com","error":"Get \"https://icanhazip.com\": dial tcp6 [2606:4700::6810:b9f1]:443: connect: network is unreachable"}
{"level":"debug","ts":1725175026.373186,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup failed","type":"IPv6","endpoint":"https://ifconfig.me","error":"Get \"https://ifconfig.me\": dial tcp6 [2600:1901:0:b2bd::]:443: connect: network is unreachable"}
{"level":"debug","ts":1725175026.3850977,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup failed","type":"IPv6","endpoint":"https://ident.me","error":"Get \"https://ident.me\": dial tcp6 [2a01:4f8:c0c:bd0a::1]:443: connect: network is unreachable"}
{"level":"debug","ts":1725175026.4792485,"logger":"dynamic_dns.ip_sources.simple_http","msg":"lookup failed","type":"IPv6","endpoint":"https://ipecho.net/plain","error":"Get \"https://ipecho.net/plain\": dial tcp6 [2600:1901:0:b2bd::]:443: connect: network is unreachable"}
{"level":"warn","ts":1725175026.4794524,"logger":"dynamic_dns.ip_sources.simple_http","msg":"no IP found; consider disabling this IP version","type":"IPv6"}
{"level":"debug","ts":1725175026.4794729,"logger":"dynamic_dns","msg":"no IP address change; no update needed"}

My host is running on Google Cloud and IPv6 is certainly working.

$ dig @2001:4860:4860::8888 AAAA caddyserver.com +short
2604:a880:2:d0::21b0:6001

When I use curl, lookups are successful.

$ curl -6 https://icanhazip.com
2600:1900:dead:beef::

Additionally, if I specify a single simple_http source as well as an interface source, the interface source does not appear to be queried.

ip_source simple_http https://icanhazip.com
ip_source interface ens4

From my host:

$ ip -br addr
lo               UNKNOWN        127.0.0.1/8 ::1/128 
ens4             UP             10.138.0.2/32 2600:1900:dead:beef::/128 fe80::d96f:6d14:dead:beef/64

I'm happy to test any forks that may resolve either issue.

skyblaster commented 2 months ago

My apologies. I'm running this inside a rootless Podman container and forgot to check for IPv6 connectivity from inside the container.

mholt commented 2 months ago

Gotcha. Thanks for posting the solution to help others!

skyblaster commented 2 months ago

Next time I'll pay more attention to the actual debug text and troubleshoot a little deeper before opening a ticket.

I don't know if slirp4netns works the same way, but with the magic that is pasta , one can be easily fooled by being able to make external IPv6 connections while the container itself has zero awareness of the protocol itself.

For this particular application (IPv6 DDNS) within a rootless Podman container, one needs to remember that the default podman network create command does not include IPv6 support. You need to implicitly declare it with the --ipv6 option.