Ipv6 for the content provider
gbonser at seven.com
Wed Jan 26 13:18:50 CST 2011
> Application level support on Linux/FreeBSD/NetBSD is 98% and rising
> every day. Apache, BIND, Postfix, they all work great. The "problem"
> is you may need config adjustment. Your Apache ListenOn's will need
> IPv6 added, your Postfix "local nets" ACL will need your IPv6
> added, and so on.
> And that is the crux of the migration issue. Updating all the
> configuration in all the apps to both do the right thing and be secure
> in IPv6. That is where all of your work will be, particualrly if you
> have custom systems to manage IP's or configs.
> Leo Bicknell - bicknell at ufp.org - CCIE 3440
> PGP keys at http://www.ufp.org/~bicknell/
We're still having some problems with linux and java. For example, a v6
socket is supposed to support either protocol. But for some reason, and
I don't know if this is just one particular kernel, if communications is
attempted under some circumstances with a v4 address on a dual-stacked
host, the packets go out on the wire with v6 mapped v4 addresses
(::ffff:x.x.x.x) which isn't supposed to happen. So everything isn't
quite there yet for dual-stacking all applications. The "safest"
approach on paper is v6 native using NAT64/DNS64 but getting the NAT64
piece in place at production quality and scale is a problem at this
More information about the NANOG