What ipv6 addresses are allowed?

Hello!

I wonder what types of ipv6 addresses are allowed for servers?

Got an error with Teredo-address and found only this thread, where it mentioned = TLS-SNI-01 To HTTP-01 .

Thanks in advance!

Teredo (6to4) addresss are not allowed. Here's the thread where we discussed it and came to a decision: Problems validating IPv6 against host running 6to4 - #9 by jsha

As deprecated as Teredo is, I wouldn't think it would actually cause any problems, assuming that it actually gets routed to the right server. If you post the answers to the general help questions (especially your domain name and what error you're seeing) you might be able to get better answers.

Teredo (2001::/32) is a different encapsulation approach than 6to4 (2002::/16). While I can see how 6to4 wouldn't be considered secure, I wouldn't think that Teredo would have the same problem? I'm far from an expert on it, though.

Edit: Nevermind, I think they may have the same problem after re-reading a bit about them.

1 Like

Thanks for the clarification! I'm also far from an expert. But either way, Teredo is currently blocked by Boulder: https://github.com/letsencrypt/boulder/blob/9ac85891bb3cfba4ecb45c8cf9fff3e639e2126a/bdns/dns.go#L126-L144.

1 Like

So I guess the answer is, to get a "real" IPv6 address from your Internet provider. It should be a standard feature at this point (by which I mean, for the past couple decades), but some ISPs are incompetent and don't have adequate competition.

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.