July 6, 2010

676 words 4 mins read

Getting underway with IPv6

So let me start off by saying, I’m not new to the world of networking.  I’ve been doing this for a long while now.  I had a Linux box running as a router on a PPPoE DSL line back before you could even buy a home “router” (IE Linksys).  Heck, I had the network running before Pac Bell even had tech support that could handle the concept of more than one computer on a DSL line (and let me tell you, mentioning the word “Linux” around them was hilarious).

You’d think that since I’ve been doing this for so long, I must have experience with IPv6… but I don’t.  There are a few reasons for this: A) No ISP or server host I’ve ever used has provided IPv6 addresses  B) IPv6 has really only started to “pick up” in the last 2-3 years and most importantly C) I’ve never had a need.  If you don’t have the need or the access, why bother putting the effort into trying to fight it?  Besides, while IPv6 introduces a lot more features into the core stack than just more addresses, I expected it to work mostly the same on a basic level.  As it turns out that only seems to be the case in the server world, at home that is not exactly the case.

Recently, I was tasked for drawing up a large and ambitious network plan, during which I left out IPv6.  Another tech questioned my omission so I decided that rather than ignoring IPv6, I’d throw myself in feet first.  After doing all the required reading, I hopped over to

Hurricane Electric Free IPv6 Tunnel Broker and got myself a couple of 6in4 tunnels.  While I was doing that, I also started following HE’s IPv6 Certification course.  I’ll give them points for making a decently educational certification system, but it doesn’t really say much about a person.  You can get to the “Professional” level using Wikipedia and about an hour of free time.

It was fairly easy to follow HE’s instructions combined with Linode’s to get this server up on IPv6.  At this moment, while we are dual-stacked, AAAA is not turned on for Snowulf.com, but it is turned on for some of my other domains as a test.  If you’d like test it, hit up Snowulf.net for dual stack A/AAAA and ipv6.Snowulf.net for AAAA only.  Down the line, after some additional testing, I will probably enable AAAA for all my domains.  Sadly, Linode does not offer IPv6 DNS services (they do allow you to add AAAA records, but the name servers themselves do not have AAAA), nor does Gmail handle IPv6 email.  Sad, really, because I setup DNS & Postfix on the server to work over IPv6 in less than an hour each.  Postfix proved to require only one small change to main.cf, specifically add the following two lines:

inet_interfaces = all

inet_protocols = ipv6, ipv4

All in all, I’d recommend getting on the IPv6 bandwagon for any server/site you run.  Getting IPv6 from HE’s Tunnel Broker service doesn’t take much work at all, and it is fairly quick.  Sure, you’ll add a little bit of latency, but they’ve got end points across the US. Ping to snowulf.net over IPv4 averages 61ms.  Ping to snowulf.net over IPv6 is only 73ms.  Knowing that your website is future proof: Priceless.

So after I had the server “up” on IPv6, obviously I needed someway to test it, so I got a second tunnel for my home.  That is when the headaches started.  IPv6 might be ready for the server world, but the desktop world is a much bigger problem.  Granted, some of my issues were due to my more “unique” network configuration (Look, my home network is more complicated that most small businesses (Editor’s note: Seriously.)), while some occur simply because the support is not there.  Being the pain that it is, I’m still working on getting the kinks ironed out, so I will do a post on home IPv6 connectivity after I get it mostly worked out.