Cannot access OMV via IPV6 on local network

nieebel · 12. Dezember 2020

Hi everybody, I'm new to the game and I really enjoy OMV 5.5.13-3 on my small Intel (GA-J3455N-D3H) so far!

In local network, everything works great.

Then I tried to setup the access from the internet via one of TechnoDadsLife great movies:

Externer Inhalt www.youtube.com

Inhalte von externen Seiten werden ohne Ihre Zustimmung nicht automatisch geladen und angezeigt.

Durch die Aktivierung der externen Inhalte erklären Sie sich damit einverstanden, dass personenbezogene Daten an Drittplattformen übermittelt werden. Mehr Informationen dazu haben wir in unserer Datenschutzerklärung zur Verfügung gestellt.

And I was not able to make it work

What I guess, could be a problem:

I have a UnityMedia Router (Germany) and it seems that this only supports IP/Port-Forwarding to an local ipv6 address.

I did some tests on local network and I found out, that I'm not able to reach omv from my laptop via ipv6:

Code

laptop:~# curl http://[2a02:8071:19f:a800:4829:feff:fe7e:2b48]:80
curl: (3) [globbing] bad range in column 9

While with omv's ipv4 address, I do get a proper return (see screenshot):

Code

laptop:~# curl http://192.168.10.45:80

When I ssh to omv, I can access it's own ipv6 address (see screenshot):

Code

root@omv-01:~# curl http://[2a02:8071:19f:a800:4829:feff:fe7e:2b48]:80

Is there something wrong with omv's firewalls on my machine? Do I need to configure something here?

Here are my iptables which I didn't touch (except installing docker and the legacy thing which the OMV UI told me to click):

Code

root@omv-01:~# /usr/sbin/ip6tables-legacy -nvL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

root@omv-01:~# /usr/sbin/iptables-legacy -nvL
Chain INPUT (policy ACCEPT 11307 packets, 3101K bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
  414  105K DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  414  105K DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  165 80977 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
  249 24227 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 9780 packets, 15M bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain DOCKER (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:9443
    0     0 ACCEPT     udp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           udp dpt:1194
    0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.3           tcp dpt:9000
    0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.2           tcp dpt:943
    0     0 ACCEPT     tcp  --  !docker0 docker0  0.0.0.0/0            172.17.0.3           tcp dpt:8000

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
  249 24227 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
  414  105K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
  249 24227 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
  414  105K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Alles anzeigen

The network interface is in bridge mode, since it's a small KVM server with 2 LAN ports, which I bought pre-configured: https://www.ebay.de/itm/154021746364

Code

root@omv-01:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp3s0: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc pfifo_fast master bond0 state DOWN group default qlen 1000
    link/ether 46:57:a6:a5:37:ac brd ff:ff:ff:ff:ff:ff
3: enp4s0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond0 state UP group default qlen 1000
    link/ether 46:57:a6:a5:37:ac brd ff:ff:ff:ff:ff:ff
4: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 4a:29:fe:7e:2b:48 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.45/24 brd 192.168.10.255 scope global dynamic br0
       valid_lft 2009sec preferred_lft 2009sec
    inet6 2a02:8071:19f:a800:4829:feff:fe7e:2b48/64 scope global dynamic mngtmpaddr noprefixroute
       valid_lft 154297sec preferred_lft 67897sec
    inet6 fe80::4829:feff:fe7e:2b48/64 scope link
       valid_lft forever preferred_lft forever
5: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether 46:57:a6:a5:37:ac brd ff:ff:ff:ff:ff:ff
6: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:c4:50:d2:6c brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:c4ff:fe50:d26c/64 scope link
       valid_lft forever preferred_lft forever
8: vethe73f1b9@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether f6:92:c8:51:28:c7 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::f492:c8ff:fe51:28c7/64 scope link
       valid_lft forever preferred_lft forever
10: veth2827993@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether d6:49:ea:ee:21:8f brd ff:ff:ff:ff:ff:ff link-netnsid 1
    inet6 fe80::d449:eaff:feee:218f/64 scope link
       valid_lft forever preferred_lft forever
12: veth1ac2c69@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
    link/ether 3e:b7:b0:44:06:7c brd ff:ff:ff:ff:ff:ff link-netnsid 2
    inet6 fe80::3cb7:b0ff:fe44:67c/64 scope link
       valid_lft forever preferred_lft forever

Alles anzeigen

I'm grateful for any ideas or suggestions!

Thanks!

Cannot access OMV via IPV6 on local network

KM0201 12. Dezember 2020

Jetzt mitmachen!

Tags