Update period new IP

11 posts / 0 new
Last post
#1 Mon, 04/10/2017 - 04:52
victornewman

Update period new IP

Hi everyone,

I have just started to use virtualmin on my vps server. Somehow my Ipv6 was different then my vps ptr record on my website. I read here forms and I understand that I need to change IP adreess to IPv6 which I have ptr record on it. To do that first I went to networking ->network conficuration ->Network interface->Activated at boot and add new record for eth0 with desired IPv6 and also my old IPv4 (this one I don't need to change) then I restart my vps and I wen to wirtualmin / server configiration -> Change IP adress. Ipv6 was there under the list as -shared address I chose this one and again restart my server.

Now I can see my IPv6 adress under system information -->IP address allocation, it is excatly how I want.

Here is the problem I did this one on friday so it is more than 48 hours but still when I check my nslookup on cmd command line I am seeing my old IPv6. Well I know it takes time to update IP changes but 48 hours?

Am I doing someting wrong or I just need to be more patient?

P.S. I need IPv6 on ptr recorded version because google refusse emails from my server.

Thanks in advance for your answers and time. Victor

Tue, 04/11/2017 - 11:23
volk

DNS can take up to 72 hours actually depending on the cache server. You can't control the DNS cache on your DNS provider, all you can do is control it on your DNS server, cable modem or router and end computer.

But I don't think this is your problem. Networking changes with IP's are not related to DNS. (you are not resolving names but using the IP's directly)

Have you contacted your VPS provider? They should be the ones giving you support for network related issues because I assume they are the ones giving you the IPv6 address.

Thu, 04/13/2017 - 09:06
victornewman

Yes I asked from my vps company to setup ptr record this process finished forboth Ipv4 and Ipv6. Yesterday I noticed that under BIND DNS server->Master Zone-> IPV6 address records still were showing old IPv6 for mail.domain.ltd and others. SO I changed them too.

I have checked out all virtualmin menu my old IPv6 is just in Network->network configuration->Network interface->Active now->eth0. I have tried to changed to new IPv6 too but as I restart vps it turns always old Ipv6. I have noticed that there is expelnation as "you should edit them under the Activated at Boot tab." which already I created new Ipv6 under Activated at Boot tab.

I think problem is there. Because I am changing under active now<>eth0 IPv6, send e-mail to gmail accounts it is succesful, Then I restart server Ipv6 turn to old one I send e-mail again to gmail accounts and I receive same error message from gmail as I don't have ptr record on old IPv6.

Ps. My new record under - Activated at Boot tab- works because under System Information -> IP Address Allocation I can see new Ipv6 but somehow gmail is not agree about it:)

Any idea? regards

Victor

Thu, 04/13/2017 - 16:34
volk

I'm not sure what you are trying to do exactly. Run IPv4 and IPv6 at the same time?

Is there any reason why you want to run IPv6? IPv6 probably does not work for Gmail but I could be wrong. IPv6 does not work with anything. I don't even thing that even 15% of the Internet devices in the world are using IPv6 today, so any device from your server to Gmail in the middle that does not accept or work with IPv6 will not work.

You certainly have to be insane if you try to use email with IPv6 today, 90% of email servers will reject the messages, as most of them are not on IPv6 networks yet.

If that is what you are asking, why Gmail rejects your messages, then that is probably the reason or some mis-configuration in your network. Stick for IPv4 for important things and only switch to IPv6 if you are sure all servers and devices to which you want to communicate talk IPv6, as you can see, otherwise you will need to fallback to IPv4 or use NAT for translations for unsupported devices.

If you don't have a deep understanding of networking, I don't suggest you to play with IPv6. Your OS has to support it, Virtualmin has to support it, your server has to support, your DNS, your network (router, switches, etc) and everything else in the middle. I'm sorry to say this but we are not there yet when it comes to IPv6.

To discard any Virtualmin issues I would see what network settings are in your operating system first. Virtualmin just reads that information, so if the config is changed or reverted, its done by the OS, not the software. Virtualmin/Webmin are just visual interfaces to what is there in your operating system.

Thu, 04/13/2017 - 19:07
Diabolico
Diabolico's picture
I don't even thing that even 15%

Actually its 17% based on Google last reports.

But there is more to the story:
1. Right now IPv6 is mostly used by spammers and bots. Reason is simple - you can buy a VPS with /64 IPv6 and no IPv4 for less than 10$ or even 5$.
2. Traditional methods used to deal with abuse from IPv4 dont look so great when it comes to IPv6 where you can pay less than 10$/mo and have millions of IP's.

This are just two examples why all my servers have blocked IPv6 on software and network level, e.g. nothing goes in or out using IPv6. Before i disabled IPv6 literally 99+% of all incoming traffic was abuse. So to protect my clients i had two solutions, start blocking entire IP ranges or take much easier, simpler and for the server less stressful approach and completely block IPv6.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Thu, 04/13/2017 - 19:15
volk

Yeah I'm not excited for that reason either. Can you imagine if firewall's today have a hard time blocking IPv4 blocks how they will suffer with billions of IPv6 addresses? Most VPS can't even block a few thousands because of resources...

You mentioned spam. How about DDoS attacks?

The idea was that providers would give customers the same blocks so even if they had a lot of them it would be easy to block or identify them but it does not seem to be the case. People want different ranges exactly to avoid that.

I will personally keep blocking IPv6 for years to come just to avoid attacks and other problems because just like you mentioned, some providers seem to give millions of IP's for free or nothing.

It will be a disaster....when someone can get 1 million different address for free. And blocking the whole provider or IP's assigned to that company will not be a solution either. It's a management nightmare if you ask me.

No different than the new domain extensions. I know some system admins are blocking all emails coming from new extensions because 99.99% of the email traffic from them today is spam and malware.

No surprise if something like .xyz was offered for 1 cent !!! Yes, 1 cent !!!

Thu, 04/13/2017 - 19:26
Diabolico
Diabolico's picture

.XYZ domains are not even close to a clusterf**k of .science, .study and many other newgTLD's, but free to check the list here: https://www.spamhaus.org/statistics/tlds/.

For the rest i 100% agree with you.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Fri, 04/14/2017 - 04:31
victornewman

Hi,

I am sorry to break your enjoyment but still I don’t have solution for my problem.

Using Ipv6 or not is not your desicion even not mine. Major player desided to use it and we will use it too, soon or later it will happens. For example facebook “Sharing Debugger” doesn’t work if your website / server doesn’t support Ipv6, as facebook has 2 billion account it is problem for me because everybody around my business using facebook. When they share my page I want my design will show up not what facebook chose randomly from my site. When you open for facebook Ipv6, than gmail takes it as default too.

Briefly I agree with both of you it is headache but it is not something that I take with my own wishes. If major player will push more on it, believe me every one of you will beg for Ipv6. Whatever let’s talk about problem instead of this;

I chose vps which support both at the same time so my server has Ipv4 and Ipv6. Yes I expect both will work at the same time and I know virtualmin support this. Here is how this problem comes out. I bought vps than same day I setup Ubuntu 14 and virtualmin as I see support Ipv6 on setup I jump on it because people need it (not me) and system gives me a shared IPV6. I was happy until gmail refuse my emails. I asked to my vps to record ptr they did, again I receive same error, I ask again to vps because I guess it they make record just for ipv4, they said sorry today we make ptr record for your ipv6 too. Then error message keep coming because when I setup first time vitualmin and firs virtual server as my domain, system gives me different Ipv6. Very normal because these days I didn’t have ipv6 (you should request for free from vps it takes one days) as I get my new Ipv6 from server my virtualmin was already setup with very long ipv6, my vps company gave me almost half of it. (size is always matter:))

So I guess because of timing I have this problem. I change active now>>eth0 Ipv6 but after reboot it turns old (useless long Ipv6) one. Also I try to change from virtualmin system settings>>virtualmin configuration>>setup default IPv6 address with new short one. But still eth0 is showing same old Ipv6 (after I change default ipv6 with new one I change eth0 –active now record too)

In fact I have another record which is under Webmin>>networking>>Network configuration>>Network interface>>Activated at boot >> new interface name is eth0 and I register with correct Ipv6 and it should be work because under system information I can see correct IPv6.

Yes we all hate ipv6… but Any idea on solution?

Victor

Fri, 04/14/2017 - 04:57
volk

To be honest, I don't understand your problem. You don't make it very clear in your post. I'm very confused about what exactly you are trying to explain. All I know is that you have a problem with Gmail.

You had an IPv6 address set, then your provider gave you another one, but when you restart Virtualmin its sets back to the old one you had previously? Is this your problem?

Also, how or why exactly do you think your email problem is related to this? If your messages to Gmail bounce back, Gmail will give you the error. Otherwise, you can check the Postfix logs to see why exactly it's rejected.

You are telling this is related to IPv6. How exactly do you think this has any relationship to Virtualmin? I bet my cards on your OS Ubuntu or your provider. If you have a problem connecting to the Internet with IPv6, this is not related to Virtualmin in any way. It's your VPS provider that should help you out and look what's going on.

Fri, 04/14/2017 - 06:41
victornewman

Ok you right it is my mistake I need to explain short and clear.

I have ptr record on my Ipv6 (let's say xxxx.xxx.xxxx.xxxx) and I can see this ipv6 everywhere; with host and dig command or "nslookup domain.com txt" command or "nslookup domain.com mx" command even under virtualmin sytem information.

What is my problem: gmail refuse my domain emails with the message that I don't have ptr record on ipv6 which is not xxxx another one, different one (let's say yyyy.yyyy.yyyy.yyyy) this ipv6 which is in error message is indicated only one place at virtualmin and I can not change it. As you said Virtualmin its sets back on restart old ipv6 again and again.

Why am I thinking problem is there? because of gmail error message with old ipv6 (yyyy...) and it is only one place indicated (active now-eth0). I checked error log too and I can see this old ipv6 there too (lip=my old ipv6 which doesn't have ptr record and gmail keep sending to me error on it) so my mail server keep using old ipv6 to send mail.

How it can be possible?

Victor

Fri, 04/14/2017 - 07:27
victornewman

Okay by writing here I make problem clear for myself too and I find the solution.

Solution is pushing postfix to use ipv4 to I change a line on /etc/postfix/main.cf it was inet_protocols = all I changed to inet_protocols = ipv4

It is not real solution but whatever it works.

Victor

Topic locked