cockpit-project.github.io
cockpit-project.github.io copied to clipboard
IPv6 support
The website is inaccessible over IPv6 for people like me.
Hmmm, good point.
It looks like we need to setup an AAAA record for cockpit-project.org. I believe Github now supports IPv6. I'm not sure what the AAAA should be though:
$ host cockpit-project.org
cockpit-project.org has address 192.30.252.154
cockpit-project.org has address 192.30.252.153
$ host cockpit-project.github.io
cockpit-project.github.io is an alias for sni.github.map.fastly.net.
sni.github.map.fastly.net has address 151.101.37.147
sni.github.map.fastly.net has IPv6 address 2a04:4e42:9::403
I do see this, but it doesn't provide the necessary information:
https://github.com/isaacs/github/issues/354
@sgallagher Do you know of any other domain pointed at GitHub that has added correct AAAA records?
GitHub Pages is the only part of GitHub, which has IPv6 support. Unfortunately no IPv6 support is available for custom domains — officially. After a bit of digging, one can reach a custom GitHub Pages domain over IPv6 using 2A04:4E42::403 (this is actually an IP belonging to the CDN GitHub uses).
This can be confirmed easily with curl:
curl "http://[2A04:4E42::403]" --header "Host:cockpit-project.org"
An alternative method would be to use Cloudflare's free plan as a proxy server, which in addition to IPv6 support would provide HTTPS support.
@sgallagher Is an AAAA record like this something we could do for cockpit-project.org?
. IN AAAA 2A04:4E42:2E::403
Just got back from vacation.
@stefwalter Is the syntax in https://github.com/cockpit-project/cockpit-project.github.io/issues/139#issuecomment-368246274 exact? If so, I can push that out right now.
I'm not familiar with the . in AAAA
format. What does the leading dot indicate?
bump @stefwalter can you comment?
I've done a bit more research into this and think there's a better approach than adding a specific AAAA record.
GitHub Pages uses Fastly CDN, which in turn uses GeoDNS to return the closest IP. This can be confirmed by querying DNS for cockpit-project.github.io from different physical locations. One can also note that pinging the IPs queried in this ways will always result in lower latencies than those in this help article, which cockpit-project.org currently uses.
To achieve the exact same better behaviour for a custom domain, adding a CNAME record, which points to cockpit-project.github.io should work. It makes sense to do this for both A and AAAA queries due to the aforementioned benefits. In fact, this is described in this help article.
@sgallagher Sorry for missing your response. I was catching up from vacation too :)
The solution that @tambry talks about seems to make more sense. What do you think? @sgallagher I believe the record would look like this. It would need to replace the current A record:
. IN CNAME cockpit-project.github.io.
@stefwalter OK, I just made the following change to our DNS records, which should make their way out over the next 24 hours:
-@ IN A 192.30.252.153
-@ IN A 192.30.252.154
+. IN CNAME cockpit-project.github.io.
It seems this broke DNS completely. dig @ns1.redhat.com. cockpit-project.org
now does not have any results. curl http://cockpit-project.org
fails with "Could not resolve host: cockpit-project.org" from four different places, and so does firefox.
I can't see a CNAME record from the Google DNS query tool nor from my own computer.
@sgallagher Try making sure the CNAME record was added correctly?
I just reverted the change completely. The previous records should propagate out soon.
The problem probably happened because CNAME records can't be added to a root domain.
One of the following should actually work:
- If the DNS server you're using supports CNAME flattening (aka ANAME records), then add such a record to the root domain, which points to cockpit-project.github.io.
- Move the GitHub Pages site to a www subdomain and add the CNAME record to that subdomain.
To follow this ticket.