Trying to solve the "Linode problem"

Hi, I’ve recently set up my box and helped a friend to set up one too, both on Linode. Both were set up nice and easy.

But my friend encountered what guys at Spamhaus call the “Linode problem”. The default IPv6 that you get on Linode can be in banned /64 range at Spamhaus (as they ban ranges and not single IPs for IPv6). Spamhaus advises in that case to ask for a personal /64 range of IPs at Linode, so one can be sure that they won’t get spamlisted if an IP next to theirs get blacklisted.

I didn’t have that problem but decided to get myself a range also and try setting a static IP from that range, just to make sure that I can if need arises.

Having spent some time on setting a static IP from a range and battling system’s attempts to use default SLAAC IP (which is not usually from a range that they give you) no matter what, I’ve encountered a stange behavior after running MIAB setup.

Case is:
I have a static IP set up using netplan, and also a default route set for system to use it for outgoing connections.
I reboot several times, and ip route get (which box uses to get private ip) and curl -6 http://ip6only.me/api/ tell my static IP correctly
I run mailinabox script to update the configuration
It correctly gets public and private ip, all in well in /admin system check.
But after that, if reboot, Ubuntu now uses old SLAAC default IP for same checks, with the same before configured netplan.

Does the box setup do something with system routes that can explain the observed behavior?

(Manually changing the route with ip route change "::/0" via "fe80::1" src "<my ipv6>" dev eth0 returns the desired behavior but only for a time, and netplan configuration for the same is somehow ignored after running setup
I also tried to disable accept-ra so the system won’t get a SLAAC ip at all, but in that case after running setup I lost ipv6 connectivity completely after first reboot)

I really want to write a guide afterwards.

I have two Linode VPS running MiaB. Running about a year.

On more than one occasion they both have lost their ip6 reverse DNS setting. They automagically fixed themselves in about a day.

Dennis

Hi, Dennis
Sadly, the problem is not with reverse DNS,
I quite often see that IPV6 rDNS becomes Not set for some time, then fixes itself.

The problem is with static IP from an allocated /64 range.

hello truechaotic. I am running two MIAB linode instances and am also battling Spamhaus. I’m also trying to enable a static IP using Netplan to see if that will resolve the Spamhaus issue. I’m also using MIAB’s bind so am unclear about whether or not to place my MIAB nameservers in the .yaml file, or not. Anyway, I really like MIAB and am hoping to get it running on a static IPv6 address so as to disappear Spamhaus’s harassment.

Right now, I’ve semi solved the problem by adding a script in cron.d to restore the necessary ip on reboot. I posted my configs on Linode support forum:

I still don’t understand why it didn’t work on first reboot after running sudo mailinabox but restores IP correctly on second reboot.

Bump?
I’m still not sure why MIAB setup behaves so oddly
While testing the box, I noticed another interesting behavior (as of 0.43):
If you turn off IPv6 completely, MIAB still generates nginx config that listens to IPv6 connections, and can’t restart nginx with that config :slight_smile: