I got a Reddit message from a user who is running a single stack IPv6 setup and was unable to access my website. I thought I had everything in order to make this work but apparently not. Thanks to this user for reaching out so I could fix the problem.

DNS AAAA Record

The first step is to ensure that you have a AAAA published for your public IPv6 address. This is fairly simple. Grab your IPv6 address from your server ( ifconfig , ip a , or ipconfig ) and create a record through your domain provider.

NOTE: Be sure to grab the scope global address and NOT the scope link .

Firewall Configuration

In my case, I am using iptables to manage my firewall configuration. The first thing to note is that you must use two different utilities to manage IPv4 vs. IPv6 rules: iptables and ip6tables . What is nice is that both utilities provide the -4 and -6 flags to cause the opposite tool to ignore those specific rules. From the man page.

-4, --ipv4 This option has no effect in iptables and iptables-restore. If a rule using the -4 option is inserted with (and only with) ip6tables-restore, it will be silently ignored. Any other uses will throw an error. This option allows IPv4 and IPv6 rules in a single rule file for use with both iptables-restore and ip6tables-restore. -6, --ipv6 If a rule using the -6 option is inserted with (and only with) iptables-restore, it will be silently ignored. Any other uses will throw an error. This option allows IPv4 and IPv6 rules in a single rule file for use with both iptables-restore and ip6tables-restore. This option has no effect in ip6tables and ip6tables-restore.

So with that in mind, you can make one file to hold all your rules and then load it into both utilities. The place where the specific rules come into play is when dealing with specific IPs or with localhost communications. iptables is smart enough to work on port based rules across the protocols.

I ended up using a set of rules from Jakub Jirutka here. I basically just updated line 111 , un commented, saved to /etc/iptables.rules and loaded it up. To ensure these rules get loaded at boot I added these lines to /etc/rc.local :

#Restore IP tables iptables-restore < /etc/iptables.rules ip6tables-restore < /etc/iptables.rules

NGINX Config