cpanel uses wrong ipv6 subnet/range
On checking DNS settings, I just discovered that for some reason during installation, cPanel used a /128 instead of a /64 subnet for some reason.
While the "ip a" command is pointing all ip's to the /64 subnet.
However, I can't delete the main ipv6 range to put it in again with /64 subnet.
Is there a way to change the subnet in WHM so we have the correct/ 64 subnet which the network interface is also showing?
-
Hey hey! It's my understanding that activating IPv6 on an account will always use /128 for a single address. cPanel itself doesn't configure or adjust the ranges, so we may need additional details or access to the system to see what may have happened.
0 -
I mean the primary ipv6 address. This can be added in the Basic Webhost Manager.
This primary ipv6 is also present in the WHM->ipv6 ranges with /128 behind it. But from Hetzner we only get /64 ip's, not /128 ip's.
And when I added the second ipv6, I also could not choose the /64 subnet.I would gladly give additional details or system access. However please keep in mind that we have the license from Hetzner, not from cPanel so I don't know if we are allegible (if that is written correctly, I'm not native English), for system access. But I would gladly give access or provide other ways of detailed info.
Unless that is normal and cPanel only uses /128 subnets. Which seems odd to me but ok I'm not that deep into subnetting.
0 -
Inside WHM >> IPv6 Address Ranges, are you not able to delete the range and then add it again with the correct subnet?
0 -
No I can not. That button is greyed out.
For the second ip I can remove it, but only add it again as /128 nog as /64.I will try to put some screenshots here.
0 -
I believe you'll have to do this before making changes:
https://support.cpanel.net/hc/en-us/articles/360060922014-How-to-Remove-IPv6-ranges
Can you try that to see if that allows you to remove that range?
0 -
Lets hope this works. Seems I can not upload .jpg files.
This is how WHM looks.
And this is console output
0 -
I was able to modify the links to see the upload :D
1 -
Ah we were posting at the same time. yes I can try that, Have to make a backup first, because some sites have different ip's on the ipv6. I'll report back.
So I have to remove and then try to add again with /64?
0 -
Yes, as far as I understand that's the only way to adjust that area.
0 -
Nope, disabled all now and still greyed out button.
0 -
I'm not sure what would cause that then - it's probably best to reach out to your provider to have them check.
0 -
To my provider? As you can see from the screenshots it's only cPanel using the /128. I found those in a file from cpanel too.
I presume I can better not change the /128 to /64 in those files?Because as you can see my provider has things correctly, both ip's give a /64 on the ip a command.
And well.. it's Hetzner, they don't do real support.If you remember we had some issue with ipv4 before too. Then they advised to change the netmask they gave us (255.255.255.192) to 255.255.255.255 for things to work in cPanel. That fixed a license issue on my server which switched to my 2nd ip every time.
However. I can always try and see if they might be willing as cPanel is also automatically installed from their image.0 -
Maybe you can help me. I enabled the ipv6 and put the dns records backup back.
However, after all changes the serials had changed ofcourse and now they have the serials from the backup.
So I'm trying to update the serials, but the command from the doc does not work for some reason. I keep seeing same serials also after restarting named.
Is there a better command than this one from the docs?find /var/named/*.db -mtime -1 -exec perl -pi -e 'if (/^\s+(\d{10})\s+;\s?(?i)serial/i) { my $i = $1+1; s/$1/$i/;}' '{}' \;0 -
As expected, Hetzner refuses to help and so we are in the post office now because cPanel points to Hetzner and Hetzner points to cPanel. Pffff.. :(
0 -
As a cPanel reseller, Hetzner should be providing you with support (as technically you are not a cPanel customer: you are a Hetzner customer and Hetzner are a cPanel customer: unless you brought your licence directly - at cost - from cPanel/WebPros).
You'll need to ensure that no sites are currently using IPv6 before you can remove the old entry: it won't allow you to remove an "active" range. I have NOT tried the following myself, so be very very careful and keep backups:
1) I would remove mention of the IP address in "Basic WebHost Manager® Setup"
2) Run, from root shell, /usr/local/cpanel/scripts/updateuserdomains to rebuild the caches
3) See if you could then remove the IP range
4) Readd the range with the /64.
0 -
rbairwell
Thank you for answering. However, there is a difference between "should" and "will" and they won't provide software support, I can show you their official answer. Probably because this should be the case, they also stopped selling cPanel and Plesk licenses with their servers as of january this year with their servers too.I would be prepared to try your tip at night but when trying these changes, the domain serials get updated, happend last night with unassigning all domains too.
When I restore the /var/named/*.db backup I made, then the old serials are in there again and as you can see from my previous post, it seems they won't update with the given command.
So without the option to update the soa serials, I feel a bit reluctant to try this again.
However I did find in the docs that the ip's with netmasks are stored here:/etc/cpanel/ipv6/range_allocation_data and the same .cache data.I wonder if I would only change the netmask to /64 there instead of 128 if that would also work, because the ip's don't change.
0
Please sign in to leave a comment.
Comments
16 comments