Mailcow-dockerized: Mailcow or docker messes up with IPv6 connectivity
I setup a new aws ec2 server with IPv4/IPv6 dual stack connectivity. IPv6 was working well before I installed mailcow-dockerised. It seems like either docker(installed for mailcow using commands mentioned in documentation) or mailcow itself, are messing up with IPv6 connectivity, leading to the server being unable to connect over IPv6(both incoming and outgoing connections)
I tried uninstalling mailcow-dockerised and docker and also removed docker0 network shown in ifconfig, but IPv6 no longer works.
If needed, I'm willing to repeat the process, just let me know what things I'll need to note down before and after installation.
InfiniteCoder
All 20 comments
Mailcow is loading an IPv6 NAT driver, to translate the internal ipv6 network to the rest of the world.
I haven't had problems yet, but I'm not on AWS.
Do you have any local firewall?
lazyfrosch
on 12 Feb 2018
@lazyfrosch By local firewall, do you mean something like iptables or ufw? I don't use them as aws provides its own virtual firewall independent of the server. Even there, I opened up all inbound and outbound traffic for testing.
InfiniteCoder
on 13 Feb 2018
Please show the output of ifconfig and ip6tables --list both before and after it breaks.
Rebooting the server after stopping the Docker containers should suffice to get IPv6 working again.
mkuron
on 13 Feb 2018
@mkuron
before
ifconfig
br-c17ceba4b147 Link encap:Ethernet HWaddr 02:42:da:69:a1:30
inet addr:172.18.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:daff:fe69:a130/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:2788 errors:0 dropped:0 overruns:0 frame:0
TX packets:2774 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:188340 (188.3 KB) TX bytes:412132 (412.1 KB)
docker0 Link encap:Ethernet HWaddr 02:42:8a:ff:f3:36
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ens5 Link encap:Ethernet HWaddr 02:01:6d:3c:8b:f6
inet addr:10.0.0.11 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::1:6dff:fe3c:8bf6/64 Scope:Link
inet6 addr: 2406:da1a:df5:8100:e7f:88f0:1e03:3a32/128 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:1305946 errors:0 dropped:0 overruns:0 frame:0
TX packets:769457 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1258856466 (1.2 GB) TX bytes:135763739 (135.7 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:901 errors:0 dropped:0 overruns:0 frame:0
TX packets:901 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:263617 (263.6 KB) TX bytes:263617 (263.6 KB)
ip6tables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
After
ifconfig
br-0389d92aa50a Link encap:Ethernet HWaddr 02:42:93:00:5e:69
inet addr:172.22.1.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::42:93ff:fe00:5e69/64 Scope:Link
inet6 addr: fe80::1/64 Scope:Link
inet6 addr: fd4d:6169:6c63:6f77::1/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:21401 errors:0 dropped:0 overruns:0 frame:0
TX packets:26043 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1175894 (1.1 MB) TX bytes:72966735 (72.9 MB)
br-c17ceba4b147 Link encap:Ethernet HWaddr 02:42:da:69:a1:30
inet addr:172.18.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:daff:fe69:a130/64 Scope:Link
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:2788 errors:0 dropped:0 overruns:0 frame:0
TX packets:2774 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:188340 (188.3 KB) TX bytes:412132 (412.1 KB)
docker0 Link encap:Ethernet HWaddr 02:42:8a:ff:f3:36
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ens5 Link encap:Ethernet HWaddr 02:01:6d:3c:8b:f6
inet addr:10.0.0.11 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::1:6dff:fe3c:8bf6/64 Scope:Link
inet6 addr: 2406:da1a:df5:8100:e7f:88f0:1e03:3a32/128 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:9001 Metric:1
RX packets:2006986 errors:0 dropped:0 overruns:0 frame:0
TX packets:863049 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2253887924 (2.2 GB) TX bytes:142998798 (142.9 MB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:901 errors:0 dropped:0 overruns:0 frame:0
TX packets:901 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:263617 (263.6 KB) TX bytes:263617 (263.6 KB)
veth3278ae5 Link encap:Ethernet HWaddr 8e:25:71:73:65:98
inet6 addr: fe80::8c25:71ff:fe73:6598/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:873 errors:0 dropped:0 overruns:0 frame:0
TX packets:769 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:94511 (94.5 KB) TX bytes:222146 (222.1 KB)
veth32e3919 Link encap:Ethernet HWaddr 7a:39:16:b0:2a:70
inet6 addr: fe80::7839:16ff:feb0:2a70/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1175 errors:0 dropped:0 overruns:0 frame:0
TX packets:1229 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:136870 (136.8 KB) TX bytes:237754 (237.7 KB)
veth4706ca4 Link encap:Ethernet HWaddr 42:c5:64:31:5b:49
inet6 addr: fe80::40c5:64ff:fe31:5b49/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:34 errors:0 dropped:0 overruns:0 frame:0
TX packets:181 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:101893 (101.8 KB) TX bytes:15023 (15.0 KB)
veth67b7f11 Link encap:Ethernet HWaddr ee:7e:5b:77:c6:2f
inet6 addr: fe80::ec7e:5bff:fe77:c62f/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:334 errors:0 dropped:0 overruns:0 frame:0
TX packets:343 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:44848 (44.8 KB) TX bytes:209292 (209.2 KB)
veth8ac0512 Link encap:Ethernet HWaddr a6:1a:2f:43:32:cc
inet6 addr: fe80::a41a:2fff:fe43:32cc/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:621 errors:0 dropped:0 overruns:0 frame:0
TX packets:930 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49986 (49.9 KB) TX bytes:94018 (94.0 KB)
vethb840447 Link encap:Ethernet HWaddr f2:fc:5d:62:71:48
inet6 addr: fe80::f0fc:5dff:fe62:7148/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:417 errors:0 dropped:0 overruns:0 frame:0
TX packets:504 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:58499 (58.4 KB) TX bytes:47059 (47.0 KB)
vethb1a062f Link encap:Ethernet HWaddr 0a:34:b1:14:71:32
inet6 addr: fe80::834:b1ff:fe14:7132/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1255 errors:0 dropped:0 overruns:0 frame:0
TX packets:1452 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:245708 (245.7 KB) TX bytes:161303 (161.3 KB)
vethbee0c9c Link encap:Ethernet HWaddr ae:04:5e:b4:db:a6
inet6 addr: fe80::ac04:5eff:feb4:dba6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:214 errors:0 dropped:0 overruns:0 frame:0
TX packets:308 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:42668 (42.6 KB) TX bytes:42415 (42.4 KB)
vethc5ed355 Link encap:Ethernet HWaddr 3a:0e:3c:7b:cc:46
inet6 addr: fe80::380e:3cff:fe7b:cc46/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:81 errors:0 dropped:0 overruns:0 frame:0
TX packets:182 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:8216 (8.2 KB) TX bytes:17028 (17.0 KB)
vethcdf4229 Link encap:Ethernet HWaddr 92:58:f6:2d:5d:06
inet6 addr: fe80::9058:f6ff:fe2d:5d06/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:465 errors:0 dropped:0 overruns:0 frame:0
TX packets:455 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:49249 (49.2 KB) TX bytes:189018 (189.0 KB)
vethd812230 Link encap:Ethernet HWaddr 0e:52:6e:8e:2f:95
inet6 addr: fe80::c52:6eff:fe8e:2f95/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:131 errors:0 dropped:0 overruns:0 frame:0
TX packets:233 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14746 (14.7 KB) TX bytes:18030 (18.0 KB)
vethdd0f37f Link encap:Ethernet HWaddr 4a:20:82:5d:da:57
inet6 addr: fe80::4820:82ff:fe5d:da57/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:111 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:728 (728.0 B) TX bytes:8690 (8.6 KB)
vethf1240ac Link encap:Ethernet HWaddr 16:c3:4e:15:77:a4
inet6 addr: fe80::14c3:4eff:fe15:77a4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20075 errors:0 dropped:0 overruns:0 frame:0
TX packets:25219 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1327068 (1.3 MB) TX bytes:72534503 (72.5 MB)
vethf37bf79 Link encap:Ethernet HWaddr 5e:df:be:91:03:d6
inet6 addr: fe80::5cdf:beff:fe91:3d6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:145 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:728 (728.0 B) TX bytes:12142 (12.1 KB)
ip6tables --list
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
DOCKER-ISOLATION all anywhere anywhere
DOCKER all anywhere anywhere
ACCEPT all anywhere anywhere ctstate RELATED,ESTABLISHED
ACCEPT all anywhere anywhere
ACCEPT all anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain DOCKER (1 references)
target prot opt source destination
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::b tcp dpt:pop3
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::b tcp dpt:imap2
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::b tcp dpt:sieve
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::b tcp dpt:imaps
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::b tcp dpt:pop3s
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::7 tcp dpt:smtp
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::7 tcp dpt:urd
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::7 tcp dpt:submission
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::d tcp dpt:http
ACCEPT tcp anywhere fd4d:6169:6c63:6f77::d tcp dpt:https
Chain DOCKER-ISOLATION (1 references)
target prot opt source destination
RETURN all anywhere anywhere
btw, stopping the containers and rebooting didn't bring back IPv6 connectivity
InfiniteCoder
on 14 Feb 2018
ip6tables, not iptables :-)
andryyy
on 14 Feb 2018
@andryyy commands were right, I made mistake while typing them here 馃槃
InfiniteCoder
on 14 Feb 2018
@andryyy Any suggestions for this?
InfiniteCoder
on 21 Feb 2018
I'm having the same issue.
I have a working ipv6 connection after running docker-compose up -d
It somehow removes the default gateway for eth0 (for ipv6)
normanu
on 19 Apr 2018
@mkuron Have you ever seen this? I have no machine (even on AWS) where this happened.
andryyy
on 19 Apr 2018
Me neither. If someone is able to give me their login credentials for a test machine where this reproducibly occurs, I'm happy to take a look.
mkuron
on 19 Apr 2018
I'll see if I can do something, maybe in next week, maybe tommorrow.
InfiniteCoder
on 19 Apr 2018
This seems same issue as on #744
normanu
on 20 Apr 2018
👍1
@normanu Is your's an aws instance?
InfiniteCoder
on 25 Apr 2018
@InfiniteCoder no mine is a KVM instance on Proxmox
normanu
on 25 Apr 2018
@normanu has his IPv6 configured via router advertisements, is this true for you, @InfiniteCoder ?
andryyy
on 25 Apr 2018
@normanu
Note: IPv6 forwarding may interfere with your existing IPv6 configuration: If you are using Router Advertisements to get IPv6 settings for your host鈥檚 interfaces, set accept_ra to 2 using the following command. Otherwise IPv6 enabled forwarding will result in rejecting Router Advertisements.
$ sysctl net.ipv6.conf.eth0.accept_ra=2
Replace "eth0" accordingly. Fixed it for @MAGICCC
andryyy
on 30 Apr 2018
👍2
Note that you need to make the change persistent
MAGICCC
on 1 May 2018
Confirmed this works!
normanu
on 1 May 2018
Yes, it works for me too. Sorry for taking too long to reply!
InfiniteCoder
on 22 May 2018
Was this page helpful?
0 / 5 - 0 ratings
Related issues
phipag
路
3Comments
bonanza123
路
3Comments
RogerSik
路
3Comments
lgleim
路
3Comments
K2rool
路
3Comments
Most helpful comment
@normanu
Replace "eth0" accordingly. Fixed it for @MAGICCC