Debugging ipv6

To: debian-user@lists.debian.org
Subject: Debugging ipv6
From: Tony van der Hoff <tony@vanderhoff.org>
Date: Mon, 09 Feb 2015 12:50:19 +0000
Message-id: <[🔎] 54D8AD0B.3090107@vanderhoff.org>

I have a VPS, with an ipv6 address. It responds correctly to ping packets:

tony@tony-lx:~$ ping6 vanderhoff.org
PING vanderhoff.org(2a03:9800:10:54::1) 56 data bytes
64 bytes from 2a03:9800:10:54::1: icmp_seq=1 ttl=58 time=13.6 ms
64 bytes from 2a03:9800:10:54::1: icmp_seq=2 ttl=58 time=12.1 ms
64 bytes from 2a03:9800:10:54::1: icmp_seq=3 ttl=58 time=11.8 ms

However, when I attempt to ssh into it, it baulks:
tony@tony-lx:~$ ssh -6 vanderhoff.org
ssh: connect to host vanderhoff.org port 22: Connection refused

ssh -4 works fine:
tony@tony-lx:~$ ssh -4 vanderhoff.org
Linux shell 3.2.0-4-amd64 #1 SMP Debian 3.2.65-1+deb7u1 x86_64

/etc/sshd_config has ipv6 enabled:
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
ListenAddress ::
ListenAddress 0.0.0.0

My firewall should let ssh6 packets through (I think):
tony@shell:~$ sudo ip6tables -L -v
[sudo] password for tony:
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination
    0     0 ACCEPT     udp      any    any     anywhere
anywhere             udp dpt:openvpn
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp spt:https
 2421  301K ACCEPT     tcp      any    any     anywhere
anywhere             tcp spt:http
 3955  350K ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:http
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp spt:domain
    0     0 ACCEPT     udp      any    any     anywhere
anywhere             udp spt:domain
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:domain
    0     0 ACCEPT     udp      any    any     anywhere
anywhere             udp dpt:domain
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:http
    0     0 ACCEPT     all      any    any     anywhere
tony-lx.magpieway.net/128
    0     0 ACCEPT     all      any    any     tony-lx.magpieway.net/128
 anywhere
   25  4458 ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:smtp
    0     0 ACCEPT     udp      any    any     anywhere
anywhere             udp dpt:ntp
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:ntp
38640   96M ACCEPT     all      any    any     localhost/128
localhost/128
    0     0 ACCEPT     ipv6-icmp    any    any     anywhere
anywhere
    0     0 ACCEPT     tcp      any    any     anywhere
anywhere             tcp dpt:ssh
    0     0 LOG        all      any    any     anywhere
anywhere             limit: avg 5/min burst 5 LOG level debug prefix
"ip6tables denied: "
    0     0 DROP       all      any    any     anywhere
anywhere

I get no ip6tables reject entries in my log.

I used to be able to access this server over ipv6, so something's
broken. Can anyone please suggest where else to look, or how to diagnose
this problem.

Cheers, Tony.
-- 
Tony van der Hoff        | mailto:tony@vanderhoff.org
Buckinghamshire, England |

Reply to:

Follow-Ups:
- Re: Debugging ipv6
  - From: Darac Marjal <mailinglist@darac.org.uk>

Prev by Date: Re: WD Reds get dropped on boot
Next by Date: Re: WD Reds get dropped on boot
Previous by thread: Re: Re: boot, missing module, and luks issues, please help
Next by thread: Re: Debugging ipv6
Index(es):
- Date
- Thread