Zimbra IPV6 pop/imap Dont Work[SOLVED]
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Zimbra IPV6 pop/imap Dont Work[SOLVED]
It has Zimbra server 8.7.1, in CentOS 7.
It has in this server IPV4 and IPV6, my problem is that with IPV6 services of pop3 / imap are not starting, in IPV4 everything is OK.
Performed:
zmprov ms `zmhostname` zimbraIPMode both
zmprov modifyConfig `zmhostname` zimbraIPMod both
/opt/zimbra/libexec/zmiptool
zmcontrol restart
More data follows:
netstat -nltp|grep -w tcp
IPV4:
tcp 0 0 127.0.0.1:10026 0.0.0.0:* OUÇA 21450/amavisd (mast
tcp 0 0 0.0.0.0:587 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:11211 0.0.0.0:* OUÇA 21328/memcached
tcp 0 0 127.0.0.1:3310 0.0.0.0:* OUÇA 21858/clamd
tcp 0 0 0.0.0.0:110 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:143 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 127.0.0.1:10032 0.0.0.0:* OUÇA 21450/amavisd (mast
tcp 0 0 0.0.0.0:80 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:465 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* OUÇA 785/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 127.0.0.1:23232 0.0.0.0:* OUÇA 21371/perl
tcp 0 0 127.0.0.1:23233 0.0.0.0:* OUÇA 21373/perl
tcp 0 0 0.0.0.0:993 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:995 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 MY-IP:389 0.0.0.0:* OUÇA 18781/slapd
tcp 0 0 127.0.0.1:10663 0.0.0.0:* OUÇA 20217/zmlogger: zmr
tcp 0 0 127.0.0.1:10024 0.0.0.0:* OUÇA 21450/amavisd (mast
IPV6:
netstat -nltp|grep -w tcp6
tcp6 0 0 ::1:10026 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 ::1:7306 :::* OUÇA 20215/mysqld
tcp6 0 0 ::1:10027 :::* OUÇA 22289/master
tcp6 0 0 :::587 :::* OUÇA 22289/master
tcp6 0 0 :::11211 :::* OUÇA 21328/memcached
tcp6 0 0 ::1:10028 :::* OUÇA 22289/master
tcp6 0 0 ::1:10029 :::* OUÇA 22289/master
tcp6 0 0 ::1:10030 :::* OUÇA 22289/master
tcp6 0 0 ::1:3310 :::* OUÇA 21858/clamd
tcp6 0 0 ::1:10032 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 127.0.0.1:8080 :::* OUÇA 20318/java
tcp6 0 0 :::465 :::* OUÇA 22289/master
tcp6 0 0 ::1:8465 :::* OUÇA 22058/opendkim
tcp6 0 0 :::7025 :::* OUÇA 20318/java
tcp6 0 0 :::22 :::* OUÇA 785/sshd
tcp6 0 0 :::25 :::* OUÇA 22289/master
tcp6 0 0 :::7993 :::* OUÇA 20318/java
tcp6 0 0 :::7995 :::* OUÇA 20318/java
tcp6 0 0 :::8443 :::* OUÇA 20318/java
tcp6 0 0 :::7071 :::* OUÇA 20318/java
tcp6 0 0 :::7072 :::* OUÇA 20318/java
tcp6 0 0 :::7073 :::* OUÇA 20318/java
tcp6 0 0 ::1:7171 :::* OUÇA 18801/java
tcp6 0 0 :::7780 :::* OUÇA 22088/httpd
tcp6 0 0 MY-IP:389 :::* OUÇA 18781/slapd
tcp6 0 0 :::7110 :::* OUÇA 20318/java
tcp6 0 0 :::7143 :::* OUÇA 20318/java
tcp6 0 0 ::1:10024 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 ::1:10025 :::* OUÇA 22289/master
---
Config zimbraIPMod
zmprov -gacf|grep -i zimbraIPMod
zimbraIPMode: both
zmprov -gs `zmhostname`|grep -i zimbraIPMod
zimbraIPMode: both
Any idea how to make pop / imap start in ipv6?
Thanks
It has in this server IPV4 and IPV6, my problem is that with IPV6 services of pop3 / imap are not starting, in IPV4 everything is OK.
Performed:
zmprov ms `zmhostname` zimbraIPMode both
zmprov modifyConfig `zmhostname` zimbraIPMod both
/opt/zimbra/libexec/zmiptool
zmcontrol restart
More data follows:
netstat -nltp|grep -w tcp
IPV4:
tcp 0 0 127.0.0.1:10026 0.0.0.0:* OUÇA 21450/amavisd (mast
tcp 0 0 0.0.0.0:587 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:11211 0.0.0.0:* OUÇA 21328/memcached
tcp 0 0 127.0.0.1:3310 0.0.0.0:* OUÇA 21858/clamd
tcp 0 0 0.0.0.0:110 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:143 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 127.0.0.1:10032 0.0.0.0:* OUÇA 21450/amavisd (mast
tcp 0 0 0.0.0.0:80 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:465 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:22 0.0.0.0:* OUÇA 785/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* OUÇA 22289/master
tcp 0 0 0.0.0.0:443 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 127.0.0.1:23232 0.0.0.0:* OUÇA 21371/perl
tcp 0 0 127.0.0.1:23233 0.0.0.0:* OUÇA 21373/perl
tcp 0 0 0.0.0.0:993 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 0.0.0.0:995 0.0.0.0:* OUÇA 21346/nginx: master
tcp 0 0 MY-IP:389 0.0.0.0:* OUÇA 18781/slapd
tcp 0 0 127.0.0.1:10663 0.0.0.0:* OUÇA 20217/zmlogger: zmr
tcp 0 0 127.0.0.1:10024 0.0.0.0:* OUÇA 21450/amavisd (mast
IPV6:
netstat -nltp|grep -w tcp6
tcp6 0 0 ::1:10026 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 ::1:7306 :::* OUÇA 20215/mysqld
tcp6 0 0 ::1:10027 :::* OUÇA 22289/master
tcp6 0 0 :::587 :::* OUÇA 22289/master
tcp6 0 0 :::11211 :::* OUÇA 21328/memcached
tcp6 0 0 ::1:10028 :::* OUÇA 22289/master
tcp6 0 0 ::1:10029 :::* OUÇA 22289/master
tcp6 0 0 ::1:10030 :::* OUÇA 22289/master
tcp6 0 0 ::1:3310 :::* OUÇA 21858/clamd
tcp6 0 0 ::1:10032 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 127.0.0.1:8080 :::* OUÇA 20318/java
tcp6 0 0 :::465 :::* OUÇA 22289/master
tcp6 0 0 ::1:8465 :::* OUÇA 22058/opendkim
tcp6 0 0 :::7025 :::* OUÇA 20318/java
tcp6 0 0 :::22 :::* OUÇA 785/sshd
tcp6 0 0 :::25 :::* OUÇA 22289/master
tcp6 0 0 :::7993 :::* OUÇA 20318/java
tcp6 0 0 :::7995 :::* OUÇA 20318/java
tcp6 0 0 :::8443 :::* OUÇA 20318/java
tcp6 0 0 :::7071 :::* OUÇA 20318/java
tcp6 0 0 :::7072 :::* OUÇA 20318/java
tcp6 0 0 :::7073 :::* OUÇA 20318/java
tcp6 0 0 ::1:7171 :::* OUÇA 18801/java
tcp6 0 0 :::7780 :::* OUÇA 22088/httpd
tcp6 0 0 MY-IP:389 :::* OUÇA 18781/slapd
tcp6 0 0 :::7110 :::* OUÇA 20318/java
tcp6 0 0 :::7143 :::* OUÇA 20318/java
tcp6 0 0 ::1:10024 :::* OUÇA 21450/amavisd (mast
tcp6 0 0 ::1:10025 :::* OUÇA 22289/master
---
Config zimbraIPMod
zmprov -gacf|grep -i zimbraIPMod
zimbraIPMode: both
zmprov -gs `zmhostname`|grep -i zimbraIPMod
zimbraIPMode: both
Any idea how to make pop / imap start in ipv6?
Thanks
Last edited by Carlos A. P. Cunha on Tue Dec 27, 2016 11:23 am, edited 1 time in total.
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Re: Zimbra IPV6 pop/imap Dont Work
Hello guys
Any idea ?
Regards
Any idea ?
Regards
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Re: Zimbra IPV6 pop/imap Dont Work
Hello guys
Any idea ?
Regards
Any idea ?
Regards
- DualBoot
- Elite member
- Posts: 1326
- Joined: Mon Apr 18, 2016 8:18 pm
- Location: France - Earth
- ZCS/ZD Version: ZCS FLOSS - 8.8.15 Mutli servers
- Contact:
Re: Zimbra IPV6 pop/imap Dont Work
It seems that Nginx does not listen on Ipv6.
Maybe you can give a try with zimbraIpMode Ipv6 only.
Reconfigure the nginx and restart it to see if it make any changes.
Maybe you can give a try with zimbraIpMode Ipv6 only.
Reconfigure the nginx and restart it to see if it make any changes.
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Re: Zimbra IPV6 pop/imap Dont Work
Thanks for the reply.DualBoot wrote:It seems that Nginx does not listen on Ipv6.
Maybe you can give a try with zimbraIpMode Ipv6 only.
Reconfigure the nginx and restart it to see if it make any changes.
I tried to leave only ipv6, the result was the same, the services that were in ipv6 stayed the same and the ipv4 did not (as expected), I went back to both option and stayed as it was before ...
Is it some BUG version 8.7?
- JDunphy
- Outstanding Member
- Posts: 901
- Joined: Fri Sep 12, 2014 11:18 pm
- Location: Victoria, BC
- ZCS/ZD Version: 9.0.0_P39 NETWORK Edition
Re: Zimbra IPV6 pop/imap Dont Work
Are you saying that when you had:Carlos A. P. Cunha wrote: I tried to leave only ipv6, the result was the same, the services that were in ipv6 stayed the same and the ipv4 did not (as expected), I went back to both option and stayed as it was before ...
Is it some BUG version 8.7?
Code: Select all
listen [::]:143 ipv6only=off;
or
listen [::]:143;
#listen 143;
If that is not happening? Check this:
Code: Select all
cat /proc/sys/net/ipv6/bindv6only
0
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Re: Zimbra IPV6 pop/imap Dont Work
Hello!!JDunphy wrote:Are you saying that when you had:Carlos A. P. Cunha wrote: I tried to leave only ipv6, the result was the same, the services that were in ipv6 stayed the same and the ipv4 did not (as expected), I went back to both option and stayed as it was before ...
Is it some BUG version 8.7?
that BOTH ipv4 and ipv6 were not working?Code: Select all
listen [::]:143 ipv6only=off; or listen [::]:143; #listen 143;
If that is not happening? Check this:
Code: Select all
cat /proc/sys/net/ipv6/bindv6only 0
When I put in Ipmode both, it is the same as the one I posted initially, when I put ipv4 only, it all goes up in ipv4, but when I only put ipv6 (colleague's tip up there), and it still does not sub-index imap / pop.
cat /proc/sys/net/ipv6/bindv6only
0
Thanks
- JDunphy
- Outstanding Member
- Posts: 901
- Joined: Fri Sep 12, 2014 11:18 pm
- Location: Victoria, BC
- ZCS/ZD Version: 9.0.0_P39 NETWORK Edition
Re: Zimbra IPV6 pop/imap Dont Work
What does "not sub-index imap/pop" mean? Assuming you have ipv6 and ipv4 firewalls enabled for those ports with centos 7, ipv4 should use the tcp6 socket. At least that is how I have seen it work with other daemons. For example, we have this:Carlos A. P. Cunha wrote: When I put in Ipmode both, it is the same as the one I posted initially, when I put ipv4 only, it all goes up in ipv4, but when I only put ipv6 (colleague's tip up there), and it still does not sub-index imap / pop.
cat /proc/sys/net/ipv6/bindv6only
0
Thanks
Code: Select all
tcp6 0 0 :::443 :::* LISTEN
Code: Select all
tcp 0 0 X.X.X.X:44088 Y.Y.Y.Y:443 ESTABLISHED
connections from IPv4 hosts, which will be mapped into the IPv6 address
space.
Ref: http://unix.stackexchange.com/questions ... cp6/237747
Ref: https://tools.ietf.org/html/rfc3493#section-3.7
Could that be happening here?
Last edited by JDunphy on Thu Dec 22, 2016 8:48 pm, edited 1 time in total.
- Carlos A. P. Cunha
- Posts: 48
- Joined: Fri Feb 19, 2016 11:47 am
Re: Zimbra IPV6 pop/imap Dont Work
JDunphy wrote:What does "not sub-index imap/pop" mean? Assuming you have ipv6 and ipv4 firewalls enabled for those ports with centos 7, ipv4 should use the tcp6 socket. At least that is how I have seen it work with other daemons. For example, we have this:Carlos A. P. Cunha wrote: When I put in Ipmode both, it is the same as the one I posted initially, when I put ipv4 only, it all goes up in ipv4, but when I only put ipv6 (colleague's tip up there), and it still does not sub-index imap / pop.
cat /proc/sys/net/ipv6/bindv6only
0
Thanks
but there is no ipv4 socket... However we only use ipv4. A netstat will show it connected via a tcp ipv4 socket however as ESTABLISHED.Code: Select all
tcp6 0 0 :::443 :::* LISTEN
As per RFC 3493 (Sections 3.7 and 5.3) an IPv6 socket will acceptCode: Select all
tcp 0 0 X.X.X.X:44088 Y.Y.Y.Y:443 ESTABLISHED
connections from IPv4 hosts, which will be mapped into the IPv6 address
space.
Ref: http://unix.stackexchange.com/questions ... cp6/237747
Ref: https://tools.ietf.org/html/rfc3493#section-3.7
Could that be happening here?
In the netstat that I posted it shows how are the sockets, but I believe that is not the question, since testing the connection via IPV6 does not connect, but IPv4 yes ....
: - |
- JDunphy
- Outstanding Member
- Posts: 901
- Joined: Fri Sep 12, 2014 11:18 pm
- Location: Victoria, BC
- ZCS/ZD Version: 9.0.0_P39 NETWORK Edition
Re: Zimbra IPV6 pop/imap Dont Work
Language seems to be a barrier so I just did what you did and it worked.
Here are my steps:
Now I wanted to verify what nginx was doing...
Good... That is what I wanted.
Next... what did netstat report:
Finally, a test from a remote machine:
I then repeated this with my ipv4 address with the same result. It worked.
The only thing I had to do was provide access via my firewall for ipv6 so my remote client could connect. I don't normally run ipv6 so this has been a good exercise to see what is involved.
Hope this helps.
Here are my steps:
Code: Select all
zmprov ms `zmhostname` zimbraIPMode both
/opt/zimbra/libexec/zmiptool
zmcontrol restart
Code: Select all
cd /opt/zimbra/conf/nginx/includes
cat *pop3* *imap* |grep ipv6
listen [::]:110 ipv6only=off;
listen [::]:995 ipv6only=off;
listen [::]:143 ipv6only=off;
listen [::]:993 ipv6only=off;
Next... what did netstat report:
Code: Select all
netstat -na | egrep '(110|995|993|143)'
tcp 0 0 :::7110 :::* LISTEN
tcp 0 0 :::7143 :::* LISTEN
tcp 0 0 :::110 :::* LISTEN
tcp 0 0 :::143 :::* LISTEN
tcp 0 0 :::7993 :::* LISTEN
tcp 0 0 :::7995 :::* LISTEN
tcp 0 0 :::993 :::* LISTEN
tcp 0 0 :::995 :::* LISTEN
Code: Select all
openssl s_client -crlf -connect '[dddd:3333::f03c:91ff:fea1:740d]:993'
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
....
....
---
* OK IMAP4rev1 proxy server ready
The only thing I had to do was provide access via my firewall for ipv6 so my remote client could connect. I don't normally run ipv6 so this has been a good exercise to see what is involved.
Hope this helps.