For one of my apps I don’t see any private IP showing up. But when the server connects to my Caddy instance, I see the IP 2605:4c40:93:891e:0:181c:683c:1 in the logs. Where is this coming from? Should I allocate a private IP to this instance and use that instead? When I ping this server using ping6 app-one.internal I get an IP like this fdaa:0:cd41:a7b:122:c9cf:a663:2 but then this one doesn’t seem to be what’s being used when connecting to another server and doesn’t show up in the following console commands.
home@me:~$ fly ips private --app app-one
VERSION IP TYPE REGION CREATED AT
home@me:~$ fly ips list --app app-one
VERSION IP TYPE REGION CREATED AT
Also is there a CIDR range I can use that would work for all private apps?
Currently flyctl v0.1.77 linux/amd64 Commit: c9880372b6bc9b3b4d3a0d0e1392c36f9b995dd9 BuildDate: 2023-08-11T19:00:31Z
I tried the commands again just for good measure and they are showing up blank. To be clear though, I have not assigned a specific private IP.
I am trying to whitelist this server in Caddy and am using IPs to do that, and it is just a bit confusing to find the IP address. I was only able to find it through Caddy logs when Caddy received the connection. So without assigning a specific IP, I’m just wondering if there’s a good way to find the current IP? Or if I should just be assigning an IP if I need it like this? Or is an IP always supposed to show up with these commands, even if I haven’t assigned one? As in it’s supposed to show the IP the server starts with?
That’s strange. fly ips private should list the private IPs of the individual machines (fdaa:::). Can you run the command with LOG_LEVEL=debug env var set and mail me the output (pavel@fly.io)?
To be clear though, I have not assigned a specific private IP.
These are for incoming connections, so shouldn’t matter in this case.
So, fdaa::: are the internal IPs of the VMs. .internal domain names get resolved to these IPs. They can be used if you want to talk directly to a specific VM and are only accessible within your organization’s network.
The 2605:4c40:93:891e:0:181c:683c:1 IP address that you see in Caddy logs is most likely the public IPv6 address assigned to this VM. If you make a connection from this VM to an external service, this IP will be used. AFAIK, we don’t currently return them from API/flyctl.
This actually clarifies everything for me. This is all making sense now, I got it. Thank you for going over all of this detail with me, I really appreciate it.