I am having in issue using https with multiple sites on ipv6 (nominally
SNI). If I declare more than one listen directive for ipv6 on port 443
nginx refuses to start. The ipv4 configuration is fine, it’s only an
issue with ipv6.
Nginx details:
nginx version: nginx/1.9.7
built by gcc 4.9.2
built with OpenSSL 1.0.1k 8 Jan 2015
TLS SNI support enabled
Does anyone have an idea on why this might be occurring? In theory ipv6
shouldn’t make a difference, and it sure as heck doesn’t make a
difference to the ipv4 configuration.
On Mon, Dec 07, 2015 at 08:00:40PM +1000, Nikolai Lusan wrote:
I am having in issue using https with multiple sites on ipv6 (nominally
SNI). If I declare more than one listen directive for ipv6 on port 443
nginx refuses to start. The ipv4 configuration is fine, it’s only an
issue with ipv6.
Please define “refuses to start”. It should print error details
to stdout if startup fails for some reason, and will log anything
to error log as well.
On Mon, Dec 07, 2015 at 01:16:06PM +0100, Lukas T. wrote:
listen 80;
Afaik this will make nginx listen to both IPv4 and IPv6 family.
Specify the real IPv4 adress you want to listen to, to avoid the IPv6 bind.
No, just a port means IPv4 wildcard address.
listen [::]:80;
This will make nginx to listen to both IPv6 and IPv4 family.
Specify ipv6only=on [1] as a keyword to avoid the IPv4 bind.
No, IPv6-and-IPv4 listen sockets will be created if and only if
you’ll explicitly set the ipv6only parameter to off.
(Before nginx 1.3.4, the operation system setting was used as a
default for ipv6only. This was proven to be a wrong approach, and
now nginx forces ipv6only=on by default. See Module ngx_http_core_module for some more details.)