Web UI in IPv4 and IPv6

D

dominique.fournier

Active Member
Jul 25, 2012
26
0
41
Hi
I try to activate the Web UI in IPv4 AND IPv6.
I found this page https://pve.proxmox.com/pve-docs/pveproxy.8.html to enable IPv6.
So I created a /etc/default/pveproxy file and put in it :
LISTEN_IP="2a01:e0a:a:b::c"
I restart the service with :
systemctl restart pveproxy.service spiceproxy.service

But in this case, the IPv4 is not working anymore (of course).

My question is : how should I put "::" to activate both, and request the daemon to listen on all the IP available ?
I also try "::" and "::ffff:0.0.0.0", but they activate only IPv4.

Thanks
 
Hi,
dominique.fournier said:
My question is : how should I put "::" to activate both, and request the daemon to listen on all the IP available ?
Click to expand...
What's your Proxmox VE version pveversion -v ?
As since Proxmox VE 6.4 the pveproxy main API daemon listens on both per default, so you'd just not set the LISTEN_IP variable there at all, but yes, using the :: wildcard (with PVE 6.4 or newer) would make the API proxy listen on both, IPv4 and IPv6.
 
# pveversion -v
proxmox-ve: 6.4-1 (running kernel: 5.4.157-1-pve)
pve-manager: 6.4-13 (running version: 6.4-13/9f411e79)

I will try to upgrade in version 7 to see if the problem is solved.
 
dominique.fournier said:
# pveversion -v
Click to expand...
The full output of that command would be interesting to ensure no dependency is outdated/held back, as the change needs also newer libhttp-server and libpve-common packages IIRC, the manager version itself should be recent enough.

Just to be sure: How do you check where the web.interface listens (not that it's a FW issue), e.g., can you post the output of:
Bash: 
ss -tlpn
 
# pveversion -v
Code: 
proxmox-ve: 6.4-1 (running kernel: 5.4.157-1-pve)
pve-manager: 6.4-13 (running version: 6.4-13/9f411e79)
pve-kernel-5.4: 6.4-11
pve-kernel-helper: 6.4-11
pve-kernel-5.3: 6.1-6
pve-kernel-5.4.157-1-pve: 5.4.157-1
pve-kernel-5.4.143-1-pve: 5.4.143-1
pve-kernel-5.4.128-1-pve: 5.4.128-2
pve-kernel-5.3.18-3-pve: 5.3.18-3
ceph-fuse: 12.2.13-pve1
corosync: 3.1.5-pve2~bpo10+1
criu: 3.11-3
glusterfs-client: 5.5-3
ifupdown: 0.8.35+pve1
ksm-control-daemon: 1.3-1
libjs-extjs: 6.0.1-10
libknet1: 1.22-pve2~bpo10+1
libproxmox-acme-perl: 1.1.0
libproxmox-backup-qemu0: 1.1.0-1
libpve-access-control: 6.4-3
libpve-apiclient-perl: 3.1-3
libpve-common-perl: 6.4-4
libpve-guest-common-perl: 3.1-5
libpve-http-server-perl: 3.2-3
libpve-storage-perl: 6.4-1
libqb0: 1.0.5-1
libspice-server1: 0.14.2-4~pve6+1
lvm2: 2.03.02-pve4
lxc-pve: 4.0.6-2
lxcfs: 4.0.6-pve1
novnc-pve: 1.1.0-1
proxmox-backup-client: 1.1.13-2
proxmox-mini-journalreader: 1.1-1
proxmox-widget-toolkit: 2.6-1
pve-cluster: 6.4-1
pve-container: 3.3-6
pve-docs: 6.4-2
pve-edk2-firmware: 2.20200531-1
pve-firewall: 4.1-4
pve-firmware: 3.3-2
pve-ha-manager: 3.1-1
pve-i18n: 2.3-1
pve-qemu-kvm: 5.2.0-6
pve-xtermjs: 4.7.0-3
qemu-server: 6.4-2
smartmontools: 7.2-pve2
spiceterm: 3.1-1
vncterm: 1.6-2
zfsutils-linux: 2.0.6-pve1~bpo10+1

# ss -tlpn (When I force the IPv6 address in LISTEN_IP)
Code: 
State   Recv-Q   Send-Q               Local Address:Port     Peer Address:Port                                                                                  
LISTEN  0        5                        127.0.0.1:3551          0.0.0.0:*      users:(("apcupsd",pid=8038,fd=6))                                              
LISTEN  0        128                        0.0.0.0:111           0.0.0.0:*      users:(("rpcbind",pid=1121,fd=4),("systemd",pid=1,fd=42))                      
LISTEN  0        128                      127.0.0.1:85            0.0.0.0:*      users:(("pvedaemon worke",pid=15477,fd=6),("pvedaemon worke",pid=8892,fd=6),("pvedaemon worke",pid=6803,fd=6),("pvedaemon",pid=2340,fd=6))
LISTEN  0        10                   192.168.10.99:53            0.0.0.0:*      users:(("named",pid=1814,fd=23))                                               
LISTEN  0        10                       127.0.0.1:53            0.0.0.0:*      users:(("named",pid=1814,fd=22))                                               
LISTEN  0        128                        0.0.0.0:22            0.0.0.0:*      users:(("sshd",pid=1825,fd=3))                                                 
LISTEN  0        100                      127.0.0.1:25            0.0.0.0:*      users:(("master",pid=2137,fd=13))                                              
LISTEN  0        128                      127.0.0.1:953           0.0.0.0:*      users:(("named",pid=1814,fd=24))                                               
LISTEN  0        128        [2a01:e0a:2a7:9cd0::99]:8006             [::]:*      users:(("pveproxy worker",pid=22068,fd=6),("pveproxy worker",pid=22067,fd=6),("pveproxy worker",pid=22065,fd=6),("pveproxy",pid=11205,fd=6))
LISTEN  0        128                           [::]:111              [::]:*      users:(("rpcbind",pid=1121,fd=6),("systemd",pid=1,fd=44))                      
LISTEN  0        128                              *:4949                *:*      users:(("munin-node",pid=1900,fd=5))                                           
LISTEN  0        10                            [::]:53               [::]:*      users:(("named",pid=1814,fd=21))                                               
LISTEN  0        128                           [::]:22               [::]:*      users:(("sshd",pid=1825,fd=4))                                                 
LISTEN  0        128        [2a01:e0a:2a7:9cd0::99]:3128             [::]:*      users:(("spiceproxy work",pid=21878,fd=6),("spiceproxy",pid=11344,fd=6))       
LISTEN  0        100                          [::1]:25               [::]:*      users:(("master",pid=2137,fd=14))                                              
LISTEN  0        128                          [::1]:953              [::]:*      users:(("named",pid=1814,fd=25))

If I don't force the IPADDRESS :
Code: 
State       Recv-Q      Send-Q            Local Address:Port             Peer Address:Port                                                                                                                                                         
LISTEN      0           5                     127.0.0.1:3551                  0.0.0.0:*          users:(("apcupsd",pid=8038,fd=6))                                                                                                                 
LISTEN      0           128                     0.0.0.0:111                   0.0.0.0:*          users:(("rpcbind",pid=1121,fd=4),("systemd",pid=1,fd=42))                                                                                         
LISTEN      0           128                   127.0.0.1:85                    0.0.0.0:*          users:(("pvedaemon worke",pid=15477,fd=6),("pvedaemon worke",pid=8892,fd=6),("pvedaemon worke",pid=6803,fd=6),("pvedaemon",pid=2340,fd=6))        
LISTEN      0           10                192.168.10.99:53                    0.0.0.0:*          users:(("named",pid=1814,fd=23))                                                                                                                  
LISTEN      0           10                    127.0.0.1:53                    0.0.0.0:*          users:(("named",pid=1814,fd=22))                                                                                                                  
LISTEN      0           128                     0.0.0.0:22                    0.0.0.0:*          users:(("sshd",pid=1825,fd=3))                                                                                                                    
LISTEN      0           100                   127.0.0.1:25                    0.0.0.0:*          users:(("master",pid=2137,fd=13))                                                                                                                 
LISTEN      0           128                   127.0.0.1:953                   0.0.0.0:*          users:(("named",pid=1814,fd=24))                                                                                                                  
LISTEN      0           128                           *:8006                        *:*          users:(("pveproxy worker",pid=16951,fd=6),("pveproxy worker",pid=16950,fd=6),("pveproxy worker",pid=16949,fd=6),("pveproxy",pid=16948,fd=6))      
LISTEN      0           128                        [::]:111                      [::]:*          users:(("rpcbind",pid=1121,fd=6),("systemd",pid=1,fd=44))                                                                                         
LISTEN      0           128                           *:4949                        *:*          users:(("munin-node",pid=1900,fd=5))                                                                                                              
LISTEN      0           10                         [::]:53                       [::]:*          users:(("named",pid=1814,fd=21))                                                                                                                  
LISTEN      0           128                        [::]:22                       [::]:*          users:(("sshd",pid=1825,fd=4))                                                                                                                    
LISTEN      0           128                           *:3128                        *:*          users:(("spiceproxy work",pid=16964,fd=6),("spiceproxy",pid=16963,fd=6))                                                                          
LISTEN      0           100                       [::1]:25                       [::]:*          users:(("master",pid=2137,fd=14))                                                                                                                 
LISTEN      0           128                       [::1]:953                      [::]:*          users:(("named",pid=1814,fd=25))
 
Seems working just fine?

If you do force an IPv6 it listens just on that ([2a01:e0a:2a7:9cd0::99]:8006):
dominique.fournier said:
LISTEN 0 128 [2a01:e0a:2a7:9cd0::99]:8006 [::]:* users:(("pveproxy worker",pid=22068,fd=6),("pveproxy worker",pid=22067,fd=6),("pveproxy worker",pid=22065,fd=6),("pveproxy",pid=11205,fd=6))
Click to expand...
And if you do not force any explicit IP it listens on the full wildcard (*:8006):
dominique.fournier said:
LISTEN 0 128 *:8006 *:* users("pveproxy worker",pid=16951,fd=6),("pveproxy worker",pid=16950,fd=6),("pveproxy worker",pid=16949,fd=6),("pveproxy",pid=16948,fd=6))
Click to expand...

So the "listen on both" definitively works from the PVE API daemon point of view, if you still cannot connect via a specific IP version I'd check firewall/network.
 
Hi Thomas
After upgrading to proxmox 7, the problem disappears. I can connect to the interface by IPv4 and IPv6

Thanks a lot !
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back