Getting ready for IPV6

I’ve been regularly playing with IPV6 since mid-2006 when I first opened an account at SixXS ang got my first IPV6 tunnel up and running. Sadly at that point, there wasn’t much Point of Presence for tunnels, not even mentioning the state of native IPV6 networks…

Relatively recently my dedicated server provider started offering native IPV6 connectivity in their Nuremberg-based datacenter. They offer a /64 per server which should be plenty enough for most users and allows for stateless configuration of a single network. Unfortunately in my case, I’m running OpenVZ, LXC and KVM on that box, meaning multiple distinct networks with bridging and firewalls.

As I also wanted IPV6 connectivity for my home network and would rather have a single provider for both, I started looking at the current state of tunnel brokers to end up choosing Hurricane Electric who offer free IPV6 tunnels and one /48 network per subnet which is exactly what I needed. They have Point of Presence pretty much all around the world which means very low latency IPV6 for all my networks.
They also happen to be one of the two upstream providers of the ISP we use at the office.

So I started configuring my Vyatta (Debian-based router distribution) routers to handle the IPV6 tunnel, send Router Advertisement to all my networks (radvd), relay DHCPv6 to my DHCP server and firewall incoming traffic.
That was surprisingly easy, taking only a few minutes, copy/pasting the configuration provided by the tunnel broker and setting up the firewall rules.

I then made sure all my main services are working properly with IPV6, for now that includes, DNS servers, Web servers, Mail servers and shell access. Backported Natty’s isc-dhcp-server to 10.04 LTS and moved my DHCP to using it and created a minimal configuration to get stateless DHCPv6 to announce my NTP and DNS servers.
I also updated my public DNS to include AAAA records for all services that have dual-stack support and got my registar to add IPV6 glue records to my domain.

I’ve now been running that setup for a week or so for my home network, dedicated server and office network. Running wireshark for a few hours showed that almost half of my connections are IPV6 (mostly on my own networks).

I’ve been surprised to see how well Ubuntu Natty’s NetworkManager copes with IPV6 network. In my case, it successfully noticed the “other-config” flag in the router advertisement and started dhclient to grab the DNS and NTP configuration from the DHCPv6 server.

So I now have a working environment to developer the next generation LTSP-Cluster which is supposed to have complete IPV6 support from the first release.

Let’s hope we’ll see more IPV6 deployment in 2011.
Happy new year everyone !

This entry was posted in LTSP, LXC, Planet Revolution-Linux, Planet Ubuntu and tagged . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *