I've been testing the AAAA records for linickx.com, I'm supprised how easy it was!
The cloud servers over at rackspace (where this is hosted) come ipv6 ready - i.e. with a native ipv6 address attached to the internet. I'm using CentOS 6 so your experience may vary :)
ifconfig showed the IP address in my network stack, a good start! The
first thing is that there are two
iptables config files
/etc/sysconfig/ip6tables, it should be
obvious which is which! I'm not sure I agree with Redhat's decision to
have two config files but they are configured the same it is only the
IPs that need to be different, therefore I can have the same statement
in each to open up access to apache:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
--dport 22 (SSH) is open on a RHEL/CentOS box, therefore
I recommend you change that as appropriate - yes you need to think about
ACLs on IPv6 as well as IPv4!
Since there are two config files for iptables there are also two services, you will need to restart the service to load up a new config:
[[email protected] ~]$sudo service ip6tables restart
The apache config file is
/etc/httpd/conf/httpd.conf, by default there
Listen 80 statement, assuming you haven't changed that apache
should be already listening on ipv6 port 80!
[[email protected] ~]$ sudo netstat -nap --inet6 | grep 80 tcp 0 0 :::80 :::* LISTEN 6878/httpd [[email protected] ~]$
What happens now when you hit up your server will happen depend now on
your config, check you
VirtualHost statement, if you have an IPv4
address you want to remove it, so you have something like:
<VirtualHost *:80> ServerName localhost ServerAdmin [email protected] DocumentRoot /var/www/html </VirtualHost>
If you use a
NameVirtualHost *:80 then your
will start working when you published AAAA records.
To publish an AAAA record use whatever method you use for ipv4 A records, they're the same thing :) ... I used my rsdns util ... kick of a test and watch your access log, all things being equal you should see ipv6 source addresses!
If it all works you can get yourself a cool badge like this one!