Ipv6 for the content provider
owen at delong.com
Wed Jan 26 14:39:16 CST 2011
On Jan 26, 2011, at 11:17 AM, Antonio Querubin wrote:
> On Wed, 26 Jan 2011, Charles N Wyble wrote:
>> Do I just need to assign ip addresses to my servers, add AAAA records to
>> my DNS server and that's it? I'm running PowerDNS for DNS, Apache for
>> WWW. Postfix for SMTP.
> Best to remove IP version dependencies in your configs.
> If you are using name-based virtual hosting in Apache, convert:
> Listen a.b.c.d:80 -> Listen 80
> <Virtualhost a.b.c.d:80> -> <Virtualhost *:80>
That only works if you have only one address on the machine and.
If you have addresses that aren't intended for name-based-site-A but
do terminate SSL connections to sites B, C, and D, then you probably
don't want to use * for site A.
> Use hard-coded IP addresses only where required for stuff like SSL-enabled webhosts.
Depends on the complexity of your environment. In a more complex configuration
you can actually save yourself a lot of trouble and confusion later by using a
construct like this:
<VirtualHost 184.108.40.206:80 [2620:0:930::400:7]:80 [2620:0:930::dead:beef:cafe]
YMMV, but, that's working reliably in my environment for:
[root at owen conf]# host www.delong.com
www.delong.com has address 220.127.116.11
www.delong.com has IPv6 address 2620:0:930::400:7
(The dead:beef:cafe address isn't currently in the AAAAs that are publicly visible because
it's used for testing specialized testing from different DNS views.)
The machine in question has a number of IPv4 and IPv6 addresses many
of which terminate HTTP/HTTPs connections, some of which do not.
More information about the NANOG