my ISP asiggnes only native IPv6 addresses, but does also asiggne 4in6 IPv4 addresses. I used ip6.me as a way to resolve my IPv6, but a few days ago ip6.me was down, so I couldn't reach my server. As a solution I used dhis.org as a replacement, which failed today to update the IPv6 entry correctly and responded with the (unusable) v4.
I also tried http://my.ip.fi, but it doesn't work with inadyn-mt, as doesn't myip.dk.
So my question: Is there a way to achieve the IPv6 from the computer itself, like an excepert vom 'ip addr'.
or
Is it possible to solely update valid IPv6 entries, and ditch IPv4 entries?
Greetings,
mieLouk
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
There are two ways to get your address -- your dynamic dns server may detect it -- however, in most cases at this time, servers detect ipv4 addresses.
The other way is to use --ip_server_name option, specifying an ipv6 capable ip server name, such as ip6.me, for instance. For ip servers that can return both address types, use the --alias option parameter indicating what type of address you want, e.g., --alias xxxx ip6, --alias xxxx ip4.
You might do a web search for other ipv6 capable ip servers.
readme.html IPv6 section, documentation (also see alias, and ip_server_name readme.html documentation):
If you wish to update an IPv6 address, choose an ip server that is IPv6 capable -- that is, will return your IPv6 address. And, you'll need a dynamic dns service that honors IPv6 addresses (you may need to use this program's "custom" type dynamic dns server option -- see preceding documentation).
If your IPv6 ip server gives an IPv4 address, it may be because of ip server preference for IPv4. Choose an IPv6 ip server that gives IPv6 addresses preference. Some Teredo clients may require precedence adjustment.
A few IPv6 --ip_server_name parameter options values known to work with inadyn-mt are ip6.me /, dhis.org /, myip.dk /.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I've figured out how it works. That was a problem, but it isn't anymore.
The question was, whether there are more reliable services than ip6.me and dhis.org. OR to not let inadyn-mt update v4 addresses.
IP6.me was down for a few days, not funny if you don't have physical access to your machine.
dhis.org worked fine for a few days, but reported the IPv4, for no apparent reason. I had to let "manually" stop and start inadyn-mt before it correctly updated the v6, replacing the v4. Also not so funny.
myip.dk says timeout for IPv6, thus not usable!!
I can try on and on, but is there some experience with more reliable v6 services?
Last edit: mielouk 2013-07-09
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Which ports do I have to open in my firewall to let inadyn-mt work on IPv6?
Inadyn asks dhis.org for the IP and I think there lies the problem. It's a IPv6 only interface but freedns could also be reached through the IPv4 interface.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sun Nov 24 16:47:09 2013: S:INADYN: Started 'inadyn-mt version 02.24.38_audible' - dynamic DNS updater.
Sun Nov 24 16:47:09 2013: W:INADYN: IPv6 address read from cache file (/tmp/inadyn_ip.cache): 'IP'...
ERROR: Failed to load plugin /usr/lib/ao/plugins-4/libalsa.so => dlopen() failed
Sun Nov 24 16:49:18 2013: E:INADYN: Failed getting AF_INET6 ip from dhis.org--update_period in check_my_ip_address...
Sun Nov 24 16:49:18 2013: W:IP: Error 0x20 in send()
Sun Nov 24 16:49:18 2013: E:INADYN: Failed getting AF_INET ip from dhis.org--update_period in check_my_ip_address...
Sun Nov 24 16:49:18 2013: W:DYNDNS: Failed checking current ip...
Sun Nov 24 16:49:18 2013: W:DYNDNS: Error 'RC_IP_SEND_ERROR' (0x14) when talking to IP server
Sun Nov 24 16:49:18 2013: W:'RC_IP_SEND_ERROR' (0x14) updating the IPs. (it 0)
Without firewall:
Sun Nov 24 15:25:27 2013: S:INADYN: Started 'inadyn-mt version 02.24.38_audible' - dynamic DNS updater.
Sun Nov 24 15:25:27 2013: W:INADYN: IPv6 address read from cache file (/tmp/inadyn_ip.cache): 'IPv6'...
ERROR: Failed to load plugin /usr/lib/ao/plugins-4/libalsa.so => dlopen() failed
Sun Nov 24 15:25:28 2013: W:INADYN: IP address for alias 'Address:auto' needs update to 'Address'...
Sun Nov 24 15:25:30 2013: W:INADYN: Alias 'Address' to IP 'IP' updated successfully.
Sun Nov 24 15:25:30 2013: W:INADYN: DYNDNS Server response:
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 24 Nov 2013 14:25:30 GMT
Content-Type: text/plain
Content-Length: 79
Connection: close
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Cache: MISS
Updated Address IP in 0.229 seconds
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
How 'bout trying it with only port 80 open? If your firewall allows it, try openning 80 for outgoing connections only.
You previously wrote of reliability problems with dhis. With the firewall disabled, as in above log report, are you able to get consistent successful updates?
What name brand, and model router are you using btw? I expect a router firewall to default to open for outgoing connections - no option to allow closing for outgoing. This is not likely if you're referring to a software firewall.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Sorry that I respond so late. I just got back to this issue.
To answer your questions:
Opening port 80 ingoing helped to receive the IP, opening it outwards did not. I didn't find the specific port to be able to connect to the IP delivering site, so I have to open the whole portrange.
I switched to whatismyv6.com, somewhat more reliable
The router isn't blocking the connections. I use ufw/iptables to restrict my traffic. I need all traffic to be routed through v4, which has a static IP. But I need the machine to be reachable through v6 from the outside and therefore it has to make a connection to whatismyv6.com. I already tried to restrict it by the IPv6 of whatismyv6.com, but it didn't work. The whole v6range outwards is still open
Now I've two questions:
Is there a way to select the network controller?
I couldn't find it in the manpage, but is there an implementation to choose between the public v6 and the privcy extension generated v6? As described here:
-> "Many machines function as both clients and servers. In such cases,
the machine would need a DNS name for its use as a server. Whether
the address stays fixed or changes has little privacy implication
since the DNS name remains constant and serves as a constant
identifier. When acting as a client (e.g., initiating
communication), however, such a machine may want to vary the
addresses it uses. In such environments, one may need multiple
addresses: a "public" (i.e., non-secret) server address, registered
in the DNS, that is used to accept incoming connection requests from
other machines, and a "temporary" address used to shield the identity
of the client when it initiates communication. These two cases are
roughly analogous to telephone numbers and caller ID, where a user
may list their telephone number in the public phone book, but disable
the display of its number via caller ID when initiating calls."
When I enable the privacy extensions, whatismyv6.com is reached through the generated IP, which isn't reachable from outside. I need the public address to be updated, but outgoing the machine should still be able to use the extension. This is a problem I have with more machines.
and here, in 10.1:
tools.ietf.org/html/rfc3484#page-15
Destination: 2001::1
Candidate Source Addresses: 2001::2 (care-of address) or 3ffe::2
(home address)
Result: 3ffe::2 (prefer home address)
Hi,
my ISP asiggnes only native IPv6 addresses, but does also asiggne 4in6 IPv4 addresses. I used ip6.me as a way to resolve my IPv6, but a few days ago ip6.me was down, so I couldn't reach my server. As a solution I used dhis.org as a replacement, which failed today to update the IPv6 entry correctly and responded with the (unusable) v4.
I also tried http://my.ip.fi, but it doesn't work with inadyn-mt, as doesn't myip.dk.
So my question: Is there a way to achieve the IPv6 from the computer itself, like an excepert vom 'ip addr'.
or
Is it possible to solely update valid IPv6 entries, and ditch IPv4 entries?
Greetings,
mieLouk
There are two ways to get your address -- your dynamic dns server may detect it -- however, in most cases at this time, servers detect ipv4 addresses.
The other way is to use --ip_server_name option, specifying an ipv6 capable ip server name, such as ip6.me, for instance. For ip servers that can return both address types, use the --alias option parameter indicating what type of address you want, e.g., --alias xxxx ip6, --alias xxxx ip4.
You might do a web search for other ipv6 capable ip servers.
readme.html IPv6 section, documentation (also see alias, and ip_server_name readme.html documentation):
If you wish to update an IPv6 address, choose an ip server that is IPv6 capable -- that is, will return your IPv6 address. And, you'll need a dynamic dns service that honors IPv6 addresses (you may need to use this program's "custom" type dynamic dns server option -- see preceding documentation).
If your IPv6 ip server gives an IPv4 address, it may be because of ip server preference for IPv4. Choose an IPv6 ip server that gives IPv6 addresses preference. Some Teredo clients may require precedence adjustment.
A few IPv6 --ip_server_name parameter options values known to work with inadyn-mt are ip6.me /, dhis.org /, myip.dk /.
I've figured out how it works. That was a problem, but it isn't anymore.
The question was, whether there are more reliable services than ip6.me and dhis.org. OR to not let inadyn-mt update v4 addresses.
IP6.me was down for a few days, not funny if you don't have physical access to your machine.
dhis.org worked fine for a few days, but reported the IPv4, for no apparent reason. I had to let "manually" stop and start inadyn-mt before it correctly updated the v6, replacing the v4. Also not so funny.
myip.dk says timeout for IPv6, thus not usable!!
I can try on and on, but is there some experience with more reliable v6 services?
Last edit: mielouk 2013-07-09
Which ports do I have to open in my firewall to let inadyn-mt work on IPv6?
Inadyn asks dhis.org for the IP and I think there lies the problem. It's a IPv6 only interface but freedns could also be reached through the IPv4 interface.
Generally speaking, ports should not be an issue. But, updates are via http - that's port 80.
Your problem may be better addressed on the freedns, or dhis end, but posting your configuration file might help us.
Most any problem you could be having, I think is already covered here, in this topic.
I exchanged IP and Address.
With firewall:
Sun Nov 24 16:47:09 2013: S:INADYN: Started 'inadyn-mt version 02.24.38_audible' - dynamic DNS updater.
Sun Nov 24 16:47:09 2013: W:INADYN: IPv6 address read from cache file (/tmp/inadyn_ip.cache): 'IP'...
ERROR: Failed to load plugin /usr/lib/ao/plugins-4/libalsa.so => dlopen() failed
Sun Nov 24 16:49:18 2013: E:INADYN: Failed getting AF_INET6 ip from dhis.org--update_period in check_my_ip_address...
Sun Nov 24 16:49:18 2013: W:IP: Error 0x20 in send()
Sun Nov 24 16:49:18 2013: E:INADYN: Failed getting AF_INET ip from dhis.org--update_period in check_my_ip_address...
Sun Nov 24 16:49:18 2013: W:DYNDNS: Failed checking current ip...
Sun Nov 24 16:49:18 2013: W:DYNDNS: Error 'RC_IP_SEND_ERROR' (0x14) when talking to IP server
Sun Nov 24 16:49:18 2013: W:'RC_IP_SEND_ERROR' (0x14) updating the IPs. (it 0)
Without firewall:
Sun Nov 24 15:25:27 2013: S:INADYN: Started 'inadyn-mt version 02.24.38_audible' - dynamic DNS updater.
Sun Nov 24 15:25:27 2013: W:INADYN: IPv6 address read from cache file (/tmp/inadyn_ip.cache): 'IPv6'...
ERROR: Failed to load plugin /usr/lib/ao/plugins-4/libalsa.so => dlopen() failed
Sun Nov 24 15:25:28 2013: W:INADYN: IP address for alias 'Address:auto' needs update to 'Address'...
Sun Nov 24 15:25:30 2013: W:INADYN: Alias 'Address' to IP 'IP' updated successfully.
Sun Nov 24 15:25:30 2013: W:INADYN: DYNDNS Server response:
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 24 Nov 2013 14:25:30 GMT
Content-Type: text/plain
Content-Length: 79
Connection: close
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Cache: MISS
Updated Address IP in 0.229 seconds
How 'bout trying it with only port 80 open? If your firewall allows it, try openning 80 for outgoing connections only.
You previously wrote of reliability problems with dhis. With the firewall disabled, as in above log report, are you able to get consistent successful updates?
What name brand, and model router are you using btw? I expect a router firewall to default to open for outgoing connections - no option to allow closing for outgoing. This is not likely if you're referring to a software firewall.
Sorry that I respond so late. I just got back to this issue.
To answer your questions:
Opening port 80 ingoing helped to receive the IP, opening it outwards did not. I didn't find the specific port to be able to connect to the IP delivering site, so I have to open the whole portrange.
I switched to whatismyv6.com, somewhat more reliable
The router isn't blocking the connections. I use ufw/iptables to restrict my traffic. I need all traffic to be routed through v4, which has a static IP. But I need the machine to be reachable through v6 from the outside and therefore it has to make a connection to whatismyv6.com. I already tried to restrict it by the IPv6 of whatismyv6.com, but it didn't work. The whole v6range outwards is still open
Now I've two questions:
Is there a way to select the network controller?
I couldn't find it in the manpage, but is there an implementation to choose between the public v6 and the privcy extension generated v6? As described here:
http://tools.ietf.org/html/rfc4941#page-5
-> "Many machines function as both clients and servers. In such cases,
the machine would need a DNS name for its use as a server. Whether
the address stays fixed or changes has little privacy implication
since the DNS name remains constant and serves as a constant
identifier. When acting as a client (e.g., initiating
communication), however, such a machine may want to vary the
addresses it uses. In such environments, one may need multiple
addresses: a "public" (i.e., non-secret) server address, registered
in the DNS, that is used to accept incoming connection requests from
other machines, and a "temporary" address used to shield the identity
of the client when it initiates communication. These two cases are
roughly analogous to telephone numbers and caller ID, where a user
may list their telephone number in the public phone book, but disable
the display of its number via caller ID when initiating calls."
When I enable the privacy extensions, whatismyv6.com is reached through the generated IP, which isn't reachable from outside. I need the public address to be updated, but outgoing the machine should still be able to use the extension. This is a problem I have with more machines.
and here, in 10.1:
tools.ietf.org/html/rfc3484#page-15
Destination: 2001::1
Candidate Source Addresses: 2001::2 (care-of address) or 3ffe::2
(home address)
Result: 3ffe::2 (prefer home address)
Destination: 2002:836b:2179::1
Candidate Source Addresses: 2002:836b:2179::d5e3:7953:13eb:22e8
(temporary) or 2001::2
Result: 2002:836b:2179::d5e3:7953:13eb:22e8 (prefer matching label)
Destination: 2001::d5e3:0:0:1
Candidate Source Addresses: 2001::2 or 2001::d5e3:7953:13eb:22e8
(temporary)
Result: 2001::2 (prefer public address)
Last edit: mielouk 2014-03-03
Hi mielouk. Good question, thanks!
See the attached patch. This is for linux users only, til we see if there are any problems with it.
Please get back to me as soon as possible, so I can add it to the patches section, if all is well.
And please, when you respond, create a new topic (something like, 'ipv6 privacy issue' or some such) with a link back to this one (referencing your ipv6 privacy question, i.e., https://sourceforge.net/p/inadyn-mt/discussion/751470/thread/c705282b/#fb77).
Bryan
Last edit: Bryan Hoover 2014-03-04
Hi mielouk,
I discovered, and corrected compile problems with the above referenced patch.
And I've moved this discussion to its own topic, where you'll find attached patch replacement:
https://sourceforge.net/p/inadyn-mt/discussion/751470/thread/9a05947a/
Bryan