Hass.io and IPv6

So you’re soon to be “blessed” with the things we are talking about… :wink:

I don’t think so. It should be enough when you configure “Permit Access” accordingly. Is your router already configured to support IPv4 & IPv6 simultaneously? I’d expect the “permit access” part would also state the protocol these rules are assigned to. Does your Windows 10 PC already have an ipv6 address other than fe80::…?

Yes, you can use more than one domain in that file.

Yes the router does IPv6 and IPv4. ISP provides native dual stack. I get a real IPv6 IP address for Windows 10 PC. I have not added the permit access for IPv6 yet - only v4. I can change that of course.

OK I added it and created a new domain… took a few minutes for it to resolve the IPv4 address and the ipv6 address isn’t working yet.

I presume I just use https and don’t use a port on the end as you say port forwarding isn’t needed and just gets passed through

I have added a new domain in duckdns and added the ports to pass through. I don’t know how long it takes to propagate the domain but I can’t ping it with IPv6. I can ping with IPv4 though (when I added the IPv4 address… I will eventually delete that when ipv6 works). I added port 22 and I can ssh to the V6 IP address over my 4G connection… I have not added the new domain to Caddy yet… Just waiting until I can ping the IPv6 address. I did click on ping6 in the above screenshot so that should work.

If I ping my current duckdns domain it prefers IPv6 and it gives both addresses when I do a nslookup. The new one however only gives me IPv4. As I said, no idea how long it takes to propagate.

While there is no NAT when using IPv6 (since every device gets its own publicly available address that can be reached from the outside world) you can use any ports, just like you did before. it’s just a different process from the technical side that may influence the configuration options inside your router interface. that’s all i wanted to say with that :slight_smile:

looks like you are able to resolve the ipv6 address when you are able to log into ssh. that your ping does not get answered might have to do with how your nuc is configured. it’s the resolve part that matters :slight_smile:

and now he downgrades customers to ds-lite? not a nice move.

only if I enter in the IPv6 IP address… the duckdns domain I made does not resolve yet. Running the domain through some dns propagation checkers it doesn’t show any Aust DNS servers resolving. I swapped my dns on my win10 pc to 8.8.8.8 and 8.8.4.4 (google) but it still doesn’t work. I also logged into a US VPN and I can ping it quite happily. EDIT Can’t ping but it is resolving the v6 IP address

I’m not playing with Caddy until I can ping the v6 address on my PC.

I have opened ports 443 and 80 for IPv6 (and also 22 for my ssh test) and have enabled PING6 and then caddy as per my config above will do the redirects to the right ports for the various sub domains right?

Well they have run out of IPv4 addresses and the cost is horrendously expensive. I don’t even mind losing a real IP address as long as everything else I do works. Can always pay $10/month for a real static IPv4. They are also (for now) allowing people with a ‘good reason’ to opt out for free but I want to make sure I can keep on using my systems as they are now when they pull the plug…

Anyway, until I can resolve the new address with IPv6 I can’t test it yet.

(The stupid thing is the IPv4 address has propagated, it’s just the IPv6 that hasn’t. I also deleted the V4 address now) Just checked over 4g as well and it can’t resolve it either.

nice to see it’s working now.

yes, these are internal redirects your router should not interfere with. since it worked like this before for you that shouldn’t change just because you are switching your ddns domain.

it’s good that you deleted the ipv4 config. that simplifies your tests. i’m assuming the “can’t resolve it” is now obsolete since your edit mentions it properly resolving now?

I am only getting the IPv6 address for the domain if I log onto a US VPN… then it is resolving a name to an IP address. It still won’t do that on my normal connection. I have no idea why. The current duckdns that I’ve had for years that I added the Router IPv6 address to last week is working no problems. Might just need to wait…

OK!!

So I ended up setting Cloudflare DNS and it is finally resolving. It appears there is a problem with the Fritzbox DNS server which is weird as no problems previously. The FB also does not seem to use a manually configured DNS for some reason.

Manually configured Debian and Win10 and iPad for Cloudflare and the IP address resolves. Duplicated the domains in my caddy file and restarted caddy and it generated all the certificates and I can connect on IPv6 (no IPv4 configured on the domain) without a port number. Seems to work 100%.

Nice and thanks so much for your advice and assistance.

Testing that from the inside is rather complicated but I’m happy you’ve got it solved with the DNS workaround.

Please have a look at this knowledge base article:
https://en.avm.de/service/fritzbox/fritzbox-7390/knowledge-base/publication/show/663_No-DNS-resolution-of-private-IP-addresses

If you follow the steps in “Configuring exceptions for DNS rebind protection” don’t add just duckdns.org but be more specific and enter your own extension there. Configuring this option should make the DNS workaround obsolete.

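A simplified model of the DNS rebind protection referred to in the post above, added here as an illustration (it is not code from the thread or from AVM). It shows why an answer pointing into the home network is dropped by the router's resolver, and why a specific exception is safer than exempting all of duckdns.org. The prefixes, hostnames and the suffix-matching rule are assumptions; the IPv6 documentation prefix stands in for the ISP-delegated one.

```python
import ipaddress

# Constructed values: what this model treats as "inside the home network".
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 IPv4
    "fc00::/7",                                        # unique local IPv6
    "2001:db8:abcd:1200::/56",                         # hypothetical delegated LAN prefix
)]


def is_local(addr):
    """True if addr lies in one of the networks the filter protects."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in LOCAL_NETS)


def exempt(name, exceptions):
    """Assumed rule: an exception covers the name itself and its subdomains."""
    name = name.lower().rstrip(".")
    return any(name == e or name.endswith("." + e) for e in exceptions)


def filter_answer(name, addresses, exceptions=()):
    """Addresses a rebind-protecting resolver would still return to the client."""
    if exempt(name, exceptions):
        return list(addresses)
    return [a for a in addresses if not is_local(a)]


def demo():
    lan_host = ["2001:db8:abcd:1210::50"]   # server inside the LAN prefix
    wan_addr = ["2001:db8:ffff::1"]         # router's own WAN-side address
    foreign = ["192.168.178.1"]             # someone else's record aimed at a LAN IP
    return {
        # New domain -> LAN host: stripped, so the name "does not resolve".
        "new_domain": filter_answer("myhome.duckdns.org", lan_host),
        # Old domain -> router WAN address: not local, passes unchanged.
        "old_domain": filter_answer("myrouter.duckdns.org", wan_addr),
        # Specific exception: own name resolves, foreign names stay filtered.
        "specific_own": filter_answer("myhome.duckdns.org", lan_host,
                                      ["myhome.duckdns.org"]),
        "specific_foreign": filter_answer("other.duckdns.org", foreign,
                                          ["myhome.duckdns.org"]),
        # Broad exception: every duckdns.org name may now point at LAN hosts.
        "broad_foreign": filter_answer("other.duckdns.org", foreign,
                                       ["duckdns.org"]),
    }
```
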

First knee-jerk reaction is that can’t be… It is resolving another duckdns on the same network but then I considered that the other duckdns address is on the ‘WAN’ so to speak… it is the router itself and not on my internal network so that could be a difference. It does resolve to the IPv4 address but of course that is the same as the FritzBox itself and I’ve obviously used port forwarding to make that work on IPv4. I will check out the article and let you know.

Well that WAS it!

Thanks again mate.
