Donavan Fritz

about
<<< home

This Site is Still IPv6 Only

This site is still IPv6 only. One drawback from my original attempt at doing IPv4-less was the failure mode. IPv4 users did not understand the problem. It would be indistinguishable if this site was actually down, or if the user did not support IPv6.

For example, using curl we see a Could not resolve host error. This error can give the impression that this site is offline, vs incorrect IP protocol version.

➜  ~ curl -v -4 http://fritz.dev
* Could not resolve host: fritz.dev
* Closing connection 0
curl: (6) Could not resolve host: fritz.dev

To address this, I made the following changes:

A Redirect Page

A page was added at /redirect that performs an HTML redirect to ipv6.fritz.dev.

Breakout DNS Names

To support a redirect page on fritz.dev, fritz.dev must support IPv4. So fritz.dev is now dual stacked, again. However, ipv6.fritz.dev was added as another virtual host for this site.

➜  ~ host fritz.dev
fritz.dev has address 142.202.202.206
fritz.dev has address 142.202.203.206
fritz.dev has IPv6 address 2620:79:e000:fa00::206
fritz.dev has IPv6 address 2620:79:e000:fb01::206
fritz.dev mail is handled by 20 mail02.fritzlab.net.
fritz.dev mail is handled by 10 mail01.fritzlab.net.
➜  ~ 
➜  ~ host ipv6.fritz.dev
ipv6.fritz.dev is an alias for gateway6.fritzlab.net.
gateway6.fritzlab.net has IPv6 address 2620:79:e000:fa00::206
gateway6.fritzlab.net has IPv6 address 2620:79:e000:fb01::206

NGINX Conditional Rewrite

This site uses nginx as a reverse proxy. At the nginx level, a conditional was added to detect the presence of IPv4 (by checking if there’s not a : in the $remote_addr). Configuration snippit below:

    # allow css and favicon to load when using IPv4 
    location ~* \.(?:ico|css)$ {
        proxy_set_header    X-Real-IP $remote_addr;
        proxy_pass          http://blog-frtiz-dev;
    }

    location / {
        if ($remote_addr !~ ":") {
            rewrite ^ /redirect/ break;
        }
        proxy_pass          http://blog-frtiz-dev;
    }

When an IPv4 user connects, the URL will be rewritten to /redirect/. The web server serving this site will then serve the /redirect page so the user knows that IPv6 is required. After thirty seconds, it will force the user over to IPv6 (using the ipv6. DNS name mentioned earlier). This gives IPv4 only site visitors explicit knowledge on what the issue is, and how to correct it.

LinkedIn Twitter Facebook GitHub RSS Feed
2026 • Donavan Fritz