Troubling wiht ipv6 adresses

we have received complaints that some users cannot access the site during the day. Somehow they see maintanence page. When we examined the haproxy logs, we saw that all 503 error’s requests’ source ips are ipv6.

  • We don’t have an AAAA dns entry.

  • checked server’s logs. Requests are not forwarded to backend servers.

  • dns’ are behind of cloudflare. then it goes to pfsense + haproxy

an example log: [ <131>Nov 16 14:59:33 HaProxy haproxy[54113]: 2001:4860:7:631::e0:60332 [16/Nov/2022:14:59:33.173] HTTPS_443-Balance~ HTTP_80_443_ipv4/IIS-03 0/0/-1/-1/0 503 2695 - - SC-- 153/147/5/0/0 0/0 “GET HTTP/2.0” ]

Crossposting from stackoverflow with plenty of answers: