Re-enable IPv6 for bugzilla.mozilla.org

RESOLVED INCOMPLETE

Status

()

bugzilla.mozilla.org
Infrastructure
--
enhancement
RESOLVED INCOMPLETE
5 years ago
2 years ago

People

(Reporter: Simon Green, Assigned: fubar)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

5 years ago
Prior to the update of Mozilla's Bugzilla to 4.2, bugzilla.mozilla.org had an IPv6 address. This seems to have been removed with the upgrade (and relocation). According to https://bugzilla.mozilla.org/show_bug.cgi?id=630581#c22 , I should file a bug to get this fixed.

  -- simon
Assignee: nobody → network-operations
Component: General → Server Operations: Netops
Product: bugzilla.mozilla.org → mozilla.org
QA Contact: ravi
Version: Production → other
ipv6 is ready in the VIPS vlan. Shyam was working on the load balancers.
Assignee: network-operations → server-ops-infra
Component: Server Operations: Netops → Server Operations: Infrastructure
QA Contact: ravi → jdow
Assignee: server-ops-infra → shyam

Updated

5 years ago
Component: Server Operations: Infrastructure → Server Operations: Developer Services
QA Contact: jdow → shyam

Updated

5 years ago
Severity: normal → enhancement

Updated

5 years ago
Assignee: shyam → server-ops-devservices
QA Contact: shyam → nmaul
(Reporter)

Comment 2

4 years ago
Any update on this bug?
Flags: needinfo?(server-ops-devservices)
Shyam, do you remember where you left off? Happy to pick this up since I need to poke at a couple new test zlbs soon.
Assignee: server-ops-devservices → klibby
Component: Server Operations: Developer Services → WebOps: Bugzilla
Flags: needinfo?(shyam)
Product: mozilla.org → Infrastructure & Operations
(In reply to Kendall Libby [:fubar] from comment #3)
> Shyam, do you remember where you left off? Happy to pick this up since I
> need to poke at a couple new test zlbs soon.

Nowhere. We don't have ipv6 in SCL3 due to past issues with enabling ipv6 in that datacenter. I'm not sure if we're in a position to do so now, needinfo'ing Arzhel for the same.
Flags: needinfo?(shyam)
Flags: needinfo?(server-ops-devservices)
Flags: needinfo?(arzhel)
Depends on: 974202
Flags: needinfo?(arzhel)
V6 connectivity in that vlan is back, the ZLB boxes still can't ping each other over v6, so maybe it has been disabled (or filtered) on the servers?

fyi, this is the range that should be used: https://inventory.mozilla.org/en-US/core/network/110/
The zlb's can (now?) ping each other:

zlb2.ops.scl3# ip addr | grpe inet6 | grep global
    inet6 2620:101:8016:5::1:209/64 scope global 

zlb1.ops.scl3# ping6 2620:101:8016:5::1:209
PING 2620:101:8016:5::1:209(2620:101:8016:5::1:209) 56 data bytes
64 bytes from 2620:101:8016:5::1:209: icmp_seq=1 ttl=64 time=2.63 ms


However I am unable to ping6/traceroute6 to an ipv6 address on them.

zlb1.ops.scl3# ip addr | grpe inet6 | grep global
    inet6 2620:101:8016:5::2:1/64 scope global 
    inet6 2620:101:8016:5::1:208/64 scope global 

sekrit$ ping6 2620:101:8016:5::2:1
PING6(56=40+8+8 bytes) 2a01:2c0:e:301:913e:e39d:c2ed:18eb --> 2620:101:8016:5::2:1
^C
--- 2620:101:8016:5::2:1 ping6 statistics ---
5 packets transmitted, 0 packets received, 100.0% packet loss

sekrit$ traceroute6 2620:101:8016:5::2:1
traceroute6 to 2620:101:8016:5::2:1 (2620:101:8016:5::2:1) from 2a01:2c0:e:301:913e:e39d:c2ed:18eb, 64 hops max, 12 byte packets
 1  2a01:2c0:e:301::1  14.896 ms  1.047 ms  0.960 ms
 2  lns-1.server.fido.net  24.111 ms  27.131 ms  26.048 ms
 3  l1-v543.access.fido.net  36.183 ms  59.229 ms  25.848 ms
 4  30gigabitethernet1-3.core1.ams1.he.net  33.706 ms  121.333 ms  34.446 ms
 5  xe-0-1-0.cir1.amsterdam2-nh.nl.xo.net  37.616 ms  36.506 ms  79.573 ms
 6  mcr2.phoenix-az.us.xo.net  179.736 ms *  174.848 ms
 7  2610:18:189:4000::2  175.910 ms  178.103 ms  175.946 ms
 8  2620:101:8000:f104::1  174.921 ms  180.465 ms  174.898 ms
 9  xe-0-0-1.border1.scl3.mozilla.net  174.460 ms  176.831 ms  195.492 ms
10  v-1026.core1.scl3.mozilla.net  181.908 ms *  194.930 ms
11  * * *
12  * *^C
I think the issue is that the v6 addresses are assigned to eth0 instead of eth0.5@eth0.
As they are in the wrong vlan they can still talk to each other but not reach the proper gateway.
"default via 2620:101:8016:5::1 dev eth0"
Depends on: 1011055
Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/95]
Component: WebOps: Bugzilla → Infrastructure
Product: Infrastructure & Operations → bugzilla.mozilla.org

Updated

4 years ago
Whiteboard: [kanban:https://kanbanize.com/ctrl_board/4/95]

Comment 8

3 years ago
How's this going? I can ping the addresses mentioned in comment 6, so it seems the IPs have been moved to the right interface now.

2620:101:8016:5::2:1 seems to be working fine, but it's for bugzilla.allizom.org (which I note is missing an AAAA record too). 2620:101:8016:5::1:208 however seems to be dropping connections to port 80 and 443, even though I can ping it.
We're going to defer this to when we get all of BMO over to AWS, which won't be until at least Q1 (there is no agreed upon timeline yet, afaik)
Blocks: 1288299
Status: NEW → RESOLVED
Last Resolved: 2 years ago
Depends on: 877617
Resolution: --- → INCOMPLETE

Comment 10

2 years ago
In that case, let's hope AWS have deployed IPv6 by then.
You need to log in before you can comment on or make changes to this bug.