Segfault > IT > Webserver > Enabling IPv6

Enabling IPv6 has been almost too simple.

Honestly speaking I did not yet grasp the concepts of IPv6 and each time my eyes fall on one of those weird IP-addresses my head starts spinning - I hope that I will get used to it, sometimes... .

So, here is what I did to make this webserver reachable from within the the realm of IPv6 - I hope that these informations, together with the others that you will find, will allow you to enable your own site.

DO THE INITIAL CONFIGURATION WITH YOUR FIREWALL DISABLED!
IPv6 is quite peeky and you probably won't be able to take over 1:1 the IPv4 configuration and just translate it to an IPv6 one. E.g. the ICMP (ping) packets are MANDATORY for IPv6 and if they get blocked it just won't work (I understood that ICMP in IPv6 is integral part of the network discovery, or something like that).

So, here is what I did to make IPv6 work for this host:

  • Got an IPv6 address.
    My provider (hostvirtual.com) provides native IPv6 (and IPv4) support by default.
    All I had to do was to go to the server management site and read...
    IPv6 IP: 2a00:dd80:3a::f91
    On another page they mention to put this in the network configuration...
    2a00:dd80:3a::f91/64
    ...and from what I read it's because I got an IPv6 subnet allocated as well, but I'm not using it nor I know how to use it.

  • Enable IPv6 support in the kernel under:
    "Networking Support => Networking Options => [*]The IPv6 protocol"
    In the submenu options of IPv6 I selected almost everything, but I don't think that they're needed.
    Compiled and activated.

  • Added to the USE-flags in "/etc/make.conf" the string "ipv6" and recompiled the packages that needed to be recompiled because of this ("emerge -pv --newuse world"?).
  • In /etc/conf.d/net (the network configuration of the Gentoo distribution) I wrote the following:
    ============================================
    dns_domain_eth0="blah-blah.ch"
    nis_domain_eth0="blah-blah.ch"
    dns_servers_eth0="8.8.8.8 217.79.186.148"

    config_eth0=(
            "176.58.88.238 netmask 255.255.255.0 broadcast 176.58.88.255"
       "2a00:dd80:3a::f91/64"
            )
    routes_eth0=(
            "default via 176.58.88.1"
            "default via 2a00:dd80:003a:0000:0000:0000:0000:0001"
            )
    ============================================
    I HAD to insert the line "default via 2a00:dd80:003a:0000:0000:0000:0000:0001" otherwise the site was not reachable from the realm of IPv6.
  • I added to the DNS configuration that I am hosting with my provider to route the "www" traffic to the AAAA address "2a00:dd80:3a::f91".
  • After rebooting I tested first from within the host if I could ping to myself...
    ============================================
    myhost # ifconfig
    eth0      Link encap:Ethernet  HWaddr 00:16:3e:36:0d:e6 
              inet addr:176.58.88.238  Bcast:176.58.88.255  Mask:255.255.255.0
              inet6 addr: 2a00:dd80:3a::f91/64 Scope:Global
              inet6 addr: fe80::216:3eff:fe36:de6/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
              RX packets:40107 errors:0 dropped:0 overruns:0 frame:0
              TX packets:16135 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:4272930 (4.0 MiB)  TX bytes:14479367 (13.8 MiB)
              Interrupt:45

    lo        Link encap:Local Loopback 
              inet addr:127.0.0.1  Mask:255.0.0.0
              inet6 addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING  MTU:16436  Metric:1
              RX packets:5058 errors:0 dropped:0 overruns:0 frame:0
              TX packets:5058 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:2116213 (2.0 MiB)  TX bytes:2116213 (2.0 MiB)

    myhost # ping6 2a00:dd80:3a::f91
    PING 2a00:dd80:3a::f91(2a00:dd80:3a::f91) 56 data bytes
    64 bytes from 2a00:dd80:3a::f91: icmp_seq=1 ttl=64 time=0.049 ms
    64 bytes from 2a00:dd80:3a::f91: icmp_seq=2 ttl=64 time=0.070 ms
    ^C
    --- 2a00:dd80:3a::f91 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 999ms
    rtt min/avg/max/mdev = 0.049/0.059/0.070/0.013 ms
    ============================================
    ...and then I tried to ping an external IPv6 site:
    ============================================
    myhost # ping6 ipv6.google.com
    PING ipv6.google.com(lhr08s01-in-x11.1e100.net) 56 data bytes
    64 bytes from lhr08s01-in-x11.1e100.net: icmp_seq=1 ttl=54 time=0.719 ms
    64 bytes from lhr08s01-in-x11.1e100.net: icmp_seq=2 ttl=54 time=0.750 ms
    64 bytes from lhr08s01-in-x11.1e100.net: icmp_seq=3 ttl=54 time=0.810 ms
    ^C
    --- ipv6.google.com ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 2002ms
    rtt min/avg/max/mdev = 0.719/0.759/0.810/0.049 ms
    ============================================
  • The final test was to see if the site could be reached by another IPv6-site. I used this one.

Have fun.