[squid-users] After enabling IPv6 squid no longer responds
Amos Jeffries
squid3 at treenet.co.nz
Tue Nov 26 10:01:10 UTC 2019
On 26/11/19 8:11 am, James Moe wrote:
> On 2019-11-14 3:04 PM, Alex Rousskov wrote:
>
>> FYI: "utterly ignored" seems to contradict "error message from squid"
>> above.
>>
> The command "ip a" produces the following rather intimidating output. Should I
> add some more IPv6 addresses to the configuration parameter "localnet"?
You could add the fe80::/10 subnet back in. But it should not have any
noticeable effect on your current problem.
The number of "temporary deprecated dynamic" means your server is
changing its public IP randomly and frequently (so-called 'privacy
addressing'). The addresses marked 'deprecated' can only be used by
existing fully-open TCP connections. New connections to that IP are
rejected as if it did not exist - these addresses are supposed to be
only for outbound traffic anyway.
So ... check if you have any firewall rules or DNS entries regarding
traffic *to* the server. Make sure they only use the addresses marked
'forever' in that list, or the whole fd2f:4760:521f:3f3c::/64 range.
Amos
More information about the squid-users
mailing list