Failed reachability for IPv6

f0x · October 26, 2021, 7:48am

I configured the remote access for my nextbox a while ago and everything worked fine. A week ago I found that there was a warning in the “Remote Access” settings of the Nextbox app saying that the reachability test for the IPv6 failed (Resolving works). I am sure that this used to work before. The only change to the system I am aware of is an update for my Fritzbox (6591 Cable). Therefore I set up the DNS Rebind protection once again, rebootet the Fritzbox but didn’t get an improvement.
I have been watching this behaviour over some days and it’s strange that I sometimes can reach a Nextcloud Instance (hopefully mine) when directly putting the IPv6 into my browser but then its a http connection only and the Nextcloud does not let me login. On other days I can’t reach the IPv6 at all.
Since IPv4 is working completely fine I don’t have urgent problems. If anyone has an idea how to fix the IPv6 thing please let me know.

daringer · October 26, 2021, 1:34pm

Generally this is hard to debug as the frontend lacks some more information and details of the reachability test, this will be updated with the next release (hopefully somewhere beginning next week)

f0x · October 26, 2021, 5:08pm

Ok, so I’ll just wait for the update and report back what happens.
Thanks for the feedback!

tobj · January 29, 2025, 12:03am

I have the same behavior here, but its years later. Any ideas?

urmatej · May 15, 2025, 8:37pm

Hello,
this failed reachability really bugs me and I found myself on a step, I do not dare make.
Using ChatGPT I enabled IPv6 in Docker by creating /etc/docker/daemon.json with:

{
“ipv6”: true,
“fixed-cidr-v6”: “fd00:dead:beef::/48”
}

I am suppose to bind container on IPv6 and should uninstall and then install nextbox-daemon to recreate containers using IPv6 configuration.

Is this a stupid idea?

Thank you.
Matej

urmatej · May 15, 2025, 8:44pm

Or, to give all the credit to ChatGPT, it wrote my question with some more info:

Hi all,
I’m running NextBox on a Raspberry Pi behind a Fritz!Box router. I’ve configured:

Fritz!Box to allow IPv6 and IPv4 traffic on ports 80 and 443 (both directions)
DNS via deSEC, with proper A and AAAA records pointing to my public IPs
My Pi has a public IPv6 address, and ping6 google.com works fine
dig AAAA my.domain.tld resolves correctly
curl -6 https://my.domain.tld fails
ip6tables shows empty (no blocking)
Docker containers (including NextBox) are only listening on IPv4:
0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp
docker network inspect bridge shows “EnableIPv6”: true, but no IPv6 addresses

Since I’m using the default NextBox setup, I don’t want to manually recreate containers or break the integration with nextbox-daemon. I’d like to know:

How can I enable full IPv6 support for NextBox so that it listens on [::]:80 and [::]:443?

Is there a safe, NextBox-supported way to do this without manually overriding the container?

If not, is it acceptable to use a workaround like socat or nginx on the host to forward incoming IPv6 traffic to IPv4 (127.0.0.1:443)?

urmatej · June 14, 2025, 12:50pm

Hello,
as I am getting no answers, I started thinking that you might get this questions as my caprice, just because not all tests are green.

On eduroam (eduroam.org) I can not access my nextbox through my domain, as I get an error, that “Protective DNS prevents access to domains known to be malicious.” I asked the tech guys and got an answer, that my nextbox does not get resolved correctly. The only thin that is not working is ipv6. Hence, searching for a sollution.

If anyone has an idea, I will gladly check it out.
Regards
Matej