Getting 403 responses when curl google APIs from linodes
In the past few days my web app running on linode has started some times getting 403 responses when sending valid queries to google APIs. I have managed to reproduce the error by just running curl on a public google API. The bash command below will randomly fail when running from linodes. I have tried 2 different linodes and getting the same issue:
curl https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com
Anyone have any idea what is going on here? I can run the query from outside linode without any issue.
Edit:
After a lot more debugging I ran curl with --verbose and noticed that a ipv6 address was used. When running curl with --ipv4 to force ipv4 the problem seems to disappear.
2 Replies
isackey
Linode Staff
We've been alerted of reports from customers experiencing the same issue with accessing Google's API. From what we have gathered so far, Google is blocking our IPv6 /64 block in Frankfurt. We've already reached out to Google and they are currently looking into it.
In the meantime, we've found that assigning a dedicated /64 range to affected Linodes resolves the issue. Since the issue is specific to IPv6, you could also disable it (if you're not using it for anything else), and that may resolve the issue.
If you'd like us to assign a /64 range to your Linode, just let us know by opening a ticket within Cloud Manager and we'll get it taken care of. IPv6 ranges are provided free of charge, so there would be no additional cost if you choose to do so.
