- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Smarthub 2 creates pinhole for wrong IPv6 address
My Linux box configures two IPv6 addresses - one appears to be always the same and has the "noprefixroute" flag, and therefore cannot be accessed externally; the other is new every boot-up and is the one intended to be externally accessible. The Smarthub 2 should create a pinhole for the second, but most often creates it for the first, which means it is not accessible from outside.
This is a problem when I need to use certbot to renew certificates, because port 80 (or 443) must be accessible from outside to respond to the ACME challenge.
The Smarthub 2's interface is dumbed down to the point of unusability - I can't change the address of an IPv6 device, nor can I add a device with an IPv6 address that I choose.
Does anyone know a solution?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
I cant answer the original question but surely with that sort of requirement you would be better off using your own router so you can see what is actually going on whilst also completely open configuration. I cant imagine when the Hub2 was put together the concern was around folks utilizing IPV6, more like just folks switching it on and forgetting about it.
Anyway, surely if an IP you want to access externally keeps changing thats problematic anyway, you cant forward ports to an internal IP that keep changing, is that what you are saying, that you cannot set a static IP in the Router for IPV6?
If so why dont you just set the IP address on the linux box manually and take it out of the DHCP range on the router?
BT900 | Nokia ONT | Ubiquiti ER-X | EETV Box Pro (IP Mode) | Unifi CK2 | 6x Unifi U6+ | 2x Unifi SAK Ultra
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
Sorry, I'm lost.
Are the IPV6 addresses internal (LAN) or external?
I use dynamic DNS for my PPPOE IP4 address, just to update an A record when BT ever give me a different address, so I can always find my LAN from an external DNS record, then my router will port forward based on what I tell it to to fixed local addresses.
So I just dont think I understand your scenario or setup or expectation.
BT900 | Nokia ONT | Ubiquiti ER-X | EETV Box Pro (IP Mode) | Unifi CK2 | 6x Unifi U6+ | 2x Unifi SAK Ultra
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
The addresses I'm concerned with are external ones.
To update SSH/TLS certificates, I have to run certbot, which makes Let's Encrypt issue ACME challenges to verify that I own the domain in question. These challenges come in from several sites in the outside world. Hence certbot must be accessible from the outside world via port 80 or 443 for a few seconds while it responds to the challenges. The easiest way is to leave the chosen pinhole permanently open; certbot is only invoked for a few seconds while doing the update.
For more context, maybe it would help if you search the Internet for certbot, ACME challenge, and Let's Encrypt. The trouble is that I know how it works, so I probably take some particular knowledge for granted, i.e. I don't know what you don't know!
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
Mate your first paragraph is about IPV6 addressing and how it can or cannot be accessed externally, you go on to mention pinhole, another name for port forwarding right? Sounds like a typical external IP to internal IP port forward question at that point.
But youre right, the rest I do not know and I wont know more than you it seems so will leave it there.
BT900 | Nokia ONT | Ubiquiti ER-X | EETV Box Pro (IP Mode) | Unifi CK2 | 6x Unifi U6+ | 2x Unifi SAK Ultra
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
Now that is a very simple way of explaining IPV6.
BT900 | Nokia ONT | Ubiquiti ER-X | EETV Box Pro (IP Mode) | Unifi CK2 | 6x Unifi U6+ | 2x Unifi SAK Ultra
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
Presumably as the publicly routeable IPv6 address is dynamic, the Hub pinhole has to track it from the device name rather than being able to enter an IP address.
I'm not sufficiently familiar with Linux, but can you give the publicly routeable address a unique name so the hub doesn't get confused.
- Mark as New
- Bookmark
- Subscribe
- Subscribe to this message's RSS Feed
- Highlight this Message
- Report Inappropriate Content
Re: Smarthub 2 creates pinhole for wrong IPv6 address
Are you using Stateful or Stateless addressing.