Forum not accessible via IPv6

I can’t access this forum in my desktop with dual stack. There are AAAA DNS entries, but those timeout while trying to do the TLS handshake.

Works fine if I go via IPv4.

1 Like

Please, file an issue on the Infrastructure project.

I would love to, but looks like it’s hosted on the same infrastructure and also broken over IPv6 =/

Examples:

IPv6

➜ ~ curl [https://discourse.gnome.org/](https://discourse.gnome.org/) -vI -6
* Trying 2620:52:3:1:5054:ff:fede:8714:443...
* TCP_NODELAY set
* Connected to [discourse.gnome.org](http://discourse.gnome.org) (2620:52:3:1:5054:ff:fede:8714) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
^C

# timeout

IPv4

➜ ~ curl [https://discourse.gnome.org/](https://discourse.gnome.org/) -vI -4
* Trying 8.43.85.29:443...
* TCP_NODELAY set
* Connected to [discourse.gnome.org](http://discourse.gnome.org) (8.43.85.29) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
* start date: Sep 30 23:07:08 2020 GMT
* expire date: Dec 29 23:07:08 2020 GMT
* subjectAltName: host "[discourse.gnome.org](http://discourse.gnome.org)" matched cert's "*.[gnome.org](http://gnome.org)"
* issuer: C=US; O=Let's Encrypt; CN=Let's Encrypt Authority X3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55d9b28a0db0)
> HEAD / HTTP/2
> Host: [discourse.gnome.org](http://discourse.gnome.org)
> user-agent: curl/7.68.0
> accept: */*
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 100)!
< HTTP/2 200
HTTP/2 200
< server: nginx
server: nginx
< date: Fri, 16 Oct 2020 16:21:24 GMT
date: Fri, 16 Oct 2020 16:21:24 GMT
1 Like

Then how did you open this topic and reply? :wink:

I’ve opened an issue for you.

Topic was opened over my phone mobile connection, and the reply was posted via email, as the little icon next to the timestamp of that post shows. But it’s harder to paste the output of curl in my phone.

This seems to be a problem on your end, tested from multiple external sites and the connection works fine. Please see the following test as well.

Thanks!

1 Like