Is the posted list of IPv6 addresses correct

ipv6

#1

Here is the list of IP addresses used by Cloudflare:

However, we are seeing some strange behavior from IPv6 addresses starting 2601:. One of our remote offices was accessing our server and instead of the fixed IPv4 address that the office has, we saw 4 IPv6 addresses in our Plesk log. Cloudflare’s list does not include that range.

I can’t think of any other way that our IPv4 address is getting converted to an IPv6 address during its journey to our server…thoughts?


#2

To be sure, do a whois on the v6 IPs:

https://www.ultratools.com/tools/ipv6Info

Though I guess that the IP list should be up to date, maybe it’s a “brand new” network.

Afaik CloudFlare will make use of ipv6 if your origin makes use of it.


#3

I already know that the owner is Comcast (asn 7922) and is located in Albuquerque, NM. The issue is if Cloudflare doesn’t use that IPv6 address, and they say they don’t, then why is our IPv4 office fixed IP address getting converted to an IPv6 address when it hits our server? Has anyone seen an ISP do this on the fly?

The issue is we have a firewall on the server that has areas that only whitelisted IP addresses can get to. If Comcast is changing what we see, then it hoses over our remote access. This just started in the past week, but only when using a browser. If you use an FTP client, the IP address remains unchanged.


#4

6to4 tunnel, Dual Stack, DS-Lite…

I guess there’s no proxy service? :thinking:

Is it possible that Comcast activated ipv6 on your connection?

I assume that your clients connect via HTTPS to your servers and the records are set to :orange:

If the system has ipv6 support enabled it will make use of it whenever it is available at the destination. (still assuming that your connection and the destination server support it as well)

Further I guess FTP connections use a subdomain like ftp.domain.com. This record must be set to :grey: then because CloudFlare doesn’t proxy port 21/22. If there is an v4 ip set for this record , the system can’t use ipv6.

Everything is just a guess since I don’t know your network topology. I may be totally wrong. But this is a scenario that would make sense.


#5

Thanks


#6

This topic was automatically closed after 14 days. New replies are no longer allowed.