We are currently running a fair number of FreePBX 12 and 13 systems on AWS with great success (all FreePBX Distro based.) We decided to try out 14 for some of the new features, with the plan of moving everyone that direction eventually.
However, after a month or more of trying to make it work, it doesn’t.
It seems that FreePBX Distro on AWS is an IPv6-only venture. Once you bring the system up, you have about an hour or so to utilize IPv4 connectivity to it before it dies. After that, the instance is ONLY reachable via IPv6.
Once we realized the instances were going IPv6-only, and not outright crashing (as we first thought), we were able to log in (thanks, AWS, for not providing a console!), and take a look at the problem. It seems the system loses all IPv4 routes except for the local network route (due to it being directly connected.) In other words, the default gateway goes away.
At the recommendation of AWS support, I have removed ALL firewalling on the system. The security group is set 100% wide-open (allow ALL traffic from ALL sources), the Sangoma firewall has been disabled, and I’ve deleted the system binary that makes fail2ban work (since something insists on starting it, even though I’ve disabled it. Deleting the binary prevented it from starting, though.) Can verify iptables is wide open, no rules at all, and the default (for IPv4 and IPv6 policies) are set to ACCEPT.
Anyone else seeing this problem and/or had luck on fixing it? I’ve got systems running 12 and 13 happily out there, with zero issues. I’ve also got a bunch of legacy systems (as we call it) running Asterisk + Debian with zero issues. I can even spin up this same image in our office on ESXi and it runs for weeks on end with zero issues (using DHCP for both IPv4 and IPv4, a la AWS.)
Makes zero sense. Never seen anything like it before.
I’d prefer to not have to force all of my clients over to IPv6-only, but I’d also like to be able to use 14. As it stands now, I’m either going to have to stick to 13 permanently, or force my clients to IPv6-only, unless anyone has any ideas on this one…