diff --git a/playbooks/group_vars/mirror.yaml b/playbooks/group_vars/mirror.yaml
index 1306e83cf7..5274d39c33 100644
--- a/playbooks/group_vars/mirror.yaml
+++ b/playbooks/group_vars/mirror.yaml
@@ -1,6 +1,11 @@
 iptables_extra_public_tcp_ports:
   - 80
   - 443
+  - 4443
+  - 4444
+  - 4445
+  - 4446
+  - 4447
   - 8080
   - 8081
   - 8082
diff --git a/testinfra/test_mirror.py b/testinfra/test_mirror.py
index f1e02127c6..886ef1c3c1 100644
--- a/testinfra/test_mirror.py
+++ b/testinfra/test_mirror.py
@@ -23,42 +23,72 @@ def test_apache(host):
 
 def test_base_mirror(host):
     # BaseMirror
-    cmd = host.run("wget --no-check-certificate -qO- https://localhost/")
-    assert '<a href="debian/">' in cmd.stdout
+    for addr in host.addr(host.backend.host).ip_addresses:
+        cmd = host.run("wget --no-check-certificate -qO- https://%s/" % addr)
+        assert '<a href="debian/">' in cmd.stdout
 
-    cmd = host.run("wget -qO- http://localhost/")
-    assert '<a href="debian/">' in cmd.stdout
+        cmd = host.run("wget -qO- http://%s/" % addr)
+        assert '<a href="debian/">' in cmd.stdout
 
 def test_proxy_mirror(host):
     # ProxyMirror
-    cmd = host.run("wget --no-check-certificate -qO- "
-                   "https://localhost:4443/pypi/simple/setuptools")
-    assert 'setuptools' in cmd.stdout
+    for addr in host.addr(host.backend.host).ipv4_addresses:
+        cmd = host.run("wget --no-check-certificate -qO- "
+                       "https://%s:4443/pypi/simple/setuptools" % addr)
+        assert 'setuptools' in cmd.stdout
 
-    cmd = host.run("wget -qO- http://localhost:8080/pypi/simple/setuptools")
-    assert 'setuptools' in cmd.stdout
+        cmd = host.run("wget -qO- "
+                       "http://%s:8080/pypi/simple/setuptools" % addr)
+        assert 'setuptools' in cmd.stdout
+
+    # split the test cases so that we can escape the ipv6 addrs properly
+    for addr in host.addr(host.backend.host).ipv6_addresses:
+        cmd = host.run("wget --no-check-certificate -qO- "
+                       "https://[%s]:4443/pypi/simple/setuptools" % addr)
+        assert 'setuptools' in cmd.stdout
+
+        cmd = host.run("wget -qO- "
+                       "http://[%s]:8080/pypi/simple/setuptools" % addr)
+        assert 'setuptools' in cmd.stdout
 
 def test_dockerv1_mirror(host):
     # Dockerv1Mirror
-    cmd = host.run("wget --no-check-certificate -O- "
-                   "https://localhost:4444/registry-1.docker")
-    # TODO assert that this proxy cache is working more properly
-    assert '403 Forbidden' in cmd.stderr
+    for addr in host.addr(host.backend.host).ipv4_addresses:
+        cmd = host.run("wget --no-check-certificate -O- "
+                       "https://%s:4444/registry-1.docker" % addr)
+        # TODO assert that this proxy cache is working more properly
+        assert '403 Forbidden' in cmd.stderr
 
-    cmd = host.run("wget -O- http://localhost:8081/registry-1.docker")
-    # TODO assert that this proxy cache is working more properly
-    assert '403 Forbidden' in cmd.stderr
+        cmd = host.run("wget -O- http://%s:8081/registry-1.docker" % addr)
+        # TODO assert that this proxy cache is working more properly
+        assert '403 Forbidden' in cmd.stderr
+
+    for addr in host.addr(host.backend.host).ipv6_addresses:
+        cmd = host.run("wget --no-check-certificate -O- "
+                       "https://[%s]:4444/registry-1.docker" % addr)
+        # TODO assert that this proxy cache is working more properly
+        assert '403 Forbidden' in cmd.stderr
+
+        cmd = host.run("wget -O- http://[%s]:8081/registry-1.docker" % addr)
+        # TODO assert that this proxy cache is working more properly
+        assert '403 Forbidden' in cmd.stderr
 
 def test_dockerv2_mirror(host):
     # Dockerv2Mirror
-    cmd = host.run("wget --no-check-certificate -O- "
-                   "https://localhost:4445/v2/")
-    assert '401 Unauthorized' in cmd.stderr
+    for addr in host.addr(host.backend.host).ipv4_addresses:
+        cmd = host.run("wget --no-check-certificate -O- "
+                       "https://%s:4445/v2/" % addr)
+        assert '401 Unauthorized' in cmd.stderr
 
-    cmd = host.run("wget -O- http://localhost:8082/v2/")
-    assert '401 Unauthorized' in cmd.stderr
+        cmd = host.run("wget -O- http://%s:8082/v2/" %addr)
+        assert '401 Unauthorized' in cmd.stderr
+
+    for addr in host.addr(host.backend.host).ipv6_addresses:
+        cmd = host.run("wget --no-check-certificate -O- "
+                       "https://[%s]:4445/v2/" % addr)
+        assert '401 Unauthorized' in cmd.stderr
+
+        cmd = host.run("wget -O- http://[%s]:8082/v2/" %addr)
+        assert '401 Unauthorized' in cmd.stderr
 
 # TODO test RHRegistryMirror and QuayMirror
-
-# NOTE(ianw): further testing idea for anyone interested; get the
-# actual IP address of the mirror node and connect via that