Getting 403 responses when curl google APIs from linodes

In the past few days my web app running on linode has started some times getting 403 responses when sending valid queries to google APIs. I have managed to reproduce the error by just running curl on a public google API. The bash command below will randomly fail when running from linodes. I have tried 2 different linodes and getting the same issue:

curl https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com

Anyone have any idea what is going on here? I can run the query from outside linode without any issue.

Edit:
After a lot more debugging I ran curl with --verbose and noticed that a ipv6 address was used. When running curl with --ipv4 to force ipv4 the problem seems to disappear.

2 Replies

Linode Staff

We've been alerted of reports from customers experiencing the same issue with accessing Google's API. From what we have gathered so far, Google is blocking our IPv6 /64 block in Frankfurt. We've already reached out to Google and they are currently looking into it.

In the meantime, we've found that assigning a dedicated /64 range to affected Linodes resolves the issue. Since the issue is specific to IPv6, you could also disable it (if you're not using it for anything else), and that may resolve the issue.

If you'd like us to assign a /64 range to your Linode, just let us know by opening a ticket within Cloud Manager and we'll get it taken care of. IPv6 ranges are provided free of charge, so there would be no additional cost if you choose to do so.

Hi, I am experiencing this exact issue since yesterday (02.28.2023). My Linode is also in Frankfurt and I am not sure how to disable ipv6. Could you help with that? I am using Kubernetes for my application. Thank you.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct