infomaniak IPv6 issues

jdaviescoates

@Gengar said in Email sending broken after updating to 8.2.x (due to IPv6 issues):

Do you think it could solve the issue ? Because I guess reverse DNS checks likely happen inside this mail container ?

if that was the issue then wouldn't we all be having the strange issues you're having? Speaking personally my PTR6 status has been fine and green ever since I initially set it.

Gengar

@jdaviescoates yeah i thought about that too and I guess you are right…

But I really have no other leads rn …

Gengar

@girish I think I have very interesting new information to narrow down the possibilities for the root cause. What I did is that I tried to restart every component/service I could, starting from the most specific (mail container) to the most general (full system reboot):

Service / Component restarted	Result
`sudo docker restart mail`	NOK
`sudo systemctl restart box`	NOK
`sudo systemctl restart docker`	NOK – I had to restart apps manually due to bad gateway / 500 errors.
`sudo systemctl restart unbound`	NOK
`sudo systemctl restart systemd-resolved`	NOK
`sudo systemctl restart systemd-networkd`	NOK
`sudo netplan apply`	NOK
`sudo reboot`	OK – PTR6 works again.

So I asked myself: what could exist between the NOK and OK state that I hadn't tried?

I decided to target the IPv6 stack of the OS directly. I ran:

sudo ip -6 neigh flush all
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=1
sleep 2
sudo sysctl -w net.ipv6.conf.all.disable_ipv6=0

️ After this, it was still NOK, but interestingly it reported the PTR6 = null state instantly, instead of the usual 1–2 minute delay. That suggested something was cleared or reset => Makes sense as I flushed.

After flushing the IPv6 neighbours and disabling / re-enabling the ipv6 module I've restarted netplan and docker :

sudo netplan apply
sudo systemctl restart docker

️ Again, after restarting Docker I had to manually restart all apps (some with bad gateway / nginx errors like n8n). But...

IT WORKED!

The PTR6 value was immediately resolved again and Cloudron no longer shows null. So this suggests that the root cause may lie somewhere in the interaction between the kernel IPv6 stack and Docker’s networking layer ? particularly after updates...

What do you think @girish ? What could be the root cause ?

joseph

Not sure, but in many VPS , IPv6 and related networking are simply not that reliable . It's hard to point at the root cause without debugging the setups. Which VPS are you using, if you don't mind sharing?

Gengar

@joseph I'm using a VPS from Infomaniak. => https://www.infomaniak.com/

joseph

@Gengar should I use https://www.infomaniak.com/en/hosting/vps-lite ? Can't make out if those have IPv6

Gengar

@joseph Yeah I'm using a vps light And it has IPv6

Gengar

@joseph Did you had the chance to make a try ?

On my side I'm stuck and still having this issue 🥲

Gengar

@girish It should take aproximatly 10 minutes to 15 minutes for the order to perform If I remember correctly.

girish

@Gengar I have created a ticket now to set the PTR records. But going back to your original issue:

"host -t PTR <ipv6> 127.0.0.150 always fails instantly." This works just fine on my VPS. Maybe you have some firewall rules? I just allowed everything incoming in firewall.

ubuntu@ov-9503b4:~$ host -t PTR 45.55.2.141 127.0.0.150
Using domain server:
Name: 127.0.0.150
Address: 127.0.0.150#53
Aliases: 

141.2.55.45.in-addr.arpa domain name pointer my.cloudron.io.
ubuntu@ov-9503b4:~$ host -t PTR 2604:a880:1:4a::2:7000 127.0.0.150
Using domain server:
Name: 127.0.0.150
Address: 127.0.0.150#53
Aliases: 

0.0.0.7.2.0.0.0.0.0.0.0.0.0.0.0.a.4.0.0.1.0.0.0.0.8.8.a.4.0.6.2.ip6.arpa domain name pointer my.cloudron.io.

Gengar

This post is deleted!

Gengar

@girish Okay so here it doesn't work the same. For example I've rebooted my server this morning (like 2 hours ago) beceause my PTR6 was null.

And I've tried again and yeah, I have a communication error during the 1st try that you don't have. But each time it resolve it even with the communication error and the 2nd time it always works. And I have this exact behavior each time.

That's weird.

My firewall is setup like this :

scooke

OK, i'm gonna say it: It's something to do with infomaniak, and it's time to move to a different VPS provider.

Gengar

@scooke 🥲 I really like Infomaniak especially their commitment to ecology https://www.infomaniak.com/en/ecology ... If I have no other choices maybe I will switch to another hosting provider... We will see...

BrutalBirdie

@Gengar
Just read the Hetzner page: https://www.hetzner.com/unternehmen/nachhaltigkeit/
If you are looking for an eco-friendly provider, Hetzner is pretty good.

Gengar

@BrutalBirdie Oh thanks for the link ! I will read what they do

jdaviescoates

@Gengar I have a spreadsheet with a bunch of Eco VPS providers here:

https://ud.coop/ecovps

I should add Informaniak!

But yeah Hetzner is probably the best option overall imho, great value and great UX. I tried Netcup because they are even cheaper, but 1) you have to pay 6 months in advance (whereas with Hetzner you can just pay for an hour if you cancel), 2) their default Ubuntu is stripped down and so installing Cloudron doesn't work until you mess around installing full Ubuntu first 3) their UI/ UX is just no way near as good as Hetzner's, etc.

Gengar

@jdaviescoates If it works with Infomaniak, it would be another cheap VPS and ecofriendly one yeah. They have their "VPS Light" that is cheap and atm, except the ptr6 value that switches to null after updates, that seems solid.

With hetzner , can you setup yourself your PTR ? For Infomaniak we need to open a ticket to their support.

avatar1024

@jdaviescoates said in Email sending broken after updating to 8.2.x (due to IPv6 issues):

but 1) you have to pay 6 months in advance (whereas with Hetzner you can just pay for an hour if you cancel), 2) their default Ubuntu is stripped down and so installing Cloudron doesn't work until you mess around installing full Ubuntu first 3) their UI/ UX is just no way near as good as Hetzner's, etc.

Just to say, I used to be with Hetzner and I am now with Netcup and regarding: 1) you do NOT have to pay 6 months in advance (it's just cheaper if you do); 2) I had no such issue with their ubuntu version. I've installed Cloudron from blank ubuntu from Netcup and I've been running several Cloudron instances with no problems. Totally agree with 3), Hetzner UI is SO much better...but then their prices are also significantly higher so I'd rather get better hardware and a lesser friendly UI.

However on my servers, and despite following all the right steps, I kept having issue with IPv6. PTR records and DNS all check OK on Cloudron, MX checks etc, but I keep getting random email bounce from Gmail. The only final solution was to disable IPv6 completely. Perhaps Hetzner is better in that respect.

jdaviescoates

@Gengar said in Email sending broken after updating to 8.2.x (due to IPv6 issues):

With hetzner , can you setup yourself your PTR

Yes, you can.

Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.

Cloudron Forum

infomaniak IPv6 issues

IT WORKED!