Re: Ipv6 for the content provider

[Owen DeLong <owen () delong com>]

On Jan 26, 2011, at 11:17 AM, Antonio Querubin wrote:

> On Wed, 26 Jan 2011, Charles N Wyble wrote:
>
> > Do I just need to assign ip addresses to my servers, add AAAA records to
> > my DNS server and that's it? I'm running PowerDNS for DNS, Apache for
> > WWW. Postfix for SMTP.
>
> Best to remove IP version dependencies in your configs.
>
> If you are using name-based virtual hosting in Apache, convert:
>
>  Listen a.b.c.d:80         ->  Listen 80
>  <Virtualhost a.b.c.d:80>  ->  <Virtualhost *:80>
That only works if you have only one address on the machine and.

If you have addresses that aren't intended for name-based-site-A but
do terminate SSL connections to sites B, C, and D, then you probably
don't want to use * for site A.

> Use hard-coded IP addresses only where required for stuff like SSL-enabled webhosts.
Depends on the complexity of your environment. In a more complex configuration
you can actually save yourself a lot of trouble and confusion later by using a
construct like this:

Listen 192.159.10.7:80
Listen [2620:0:930::dead:beef:cafe]:80
Listen [2620:0:930::400:7]:80
<VirtualHost 192.159.10.7:80 [2620:0:930::400:7]:80 [2620:0:930::dead:beef:cafe]
:80>
        ServerName www.delong.com
...


YMMV, but, that's working reliably in my environment for:

[root@owen conf]# host www.delong.com
www.delong.com has address 192.159.10.7
www.delong.com has IPv6 address 2620:0:930::400:7

(The dead:beef:cafe address isn't currently in the AAAAs that are publicly visible because
it's used for testing specialized testing from different DNS views.)

The machine in question has a number of IPv4 and IPv6 addresses many
of which terminate HTTP/HTTPs connections, some of which do not.

Owen