[BlueOnyx:17472] Re: ipv6 possible?

Mon Apr 27 21:41:36 -05 2015

Hi Dirk,

> is is possible in BO to add an additional ipv6 address to a site?

As posted on the developer list:

At this time? No, sorry.

Actually: Off and on I spoke with various people about it and we were
going through a few options.

This article has some info on this in a short, but general fashion to
get an overview:

http://www.zdnet.com/article/five-ways-for-ipv6-and-ipv4-to-peacefully-co-exist/

So there are ways to make IPv4 and IPv6 co-exist on the same box via
Dual-IP stacks. There is the possibility to tunnel things. Or something
called "6to4" and lastly there is even the possibility to do NAT and
that way run both.

All of them have advantages and disadvantages. There are also some that
say "why bother?" and point out that (on an ISP level) they map IPv6 to
IPv4 anyway, or the other way around. With good networking equipment you
don't have to worry about it on the OS level and can simply "bend it
into shape" via the network equipment.

So how would we go about it as far as BlueOnyx is concerned?

We do have two options here, which I'd like to present. At least these
are two options that are easily implemented and still complicated enough:

a.) Single stack:

At initial setup you decide if the box will be using IPv4 *or* IPv6 and
will set up the network accordingly. If you select IPv4, then all will
be as it is now. Vsites can only use IPv4 addresses. If you choose IPv6,
then both the server and Vsites exclusively use IPv6.

For me this option is the easiest, as I'd simply replace the regular
expressions that check for IP's and Netmasks against their IPv6
counterparts. Some handlers and constructors would need changes, but all
in all? It's relatively simple - yet complicated enough.

b.) Dual stack:

When the network is set up in the Wizard you have the choice to enter
both IPv4 or IPv6 details. If you enter only IPv4, or only IPv6, the
other protocol isn't used.

If you want (or need) to use both, we use dual stack. Which means that
each Vsite can have both an IPv4 *and* and IPv6 IP address. This then
also "translates" down to the services, which bind to both the IPv4 and
IPv6 IP.

For Apache this means that we have two "Listen" statements in
httpd.conf. One for IPv4 and one for IPv6. Likewise each VirtualHost
container will be there twice: Once for IPv4 and once for IPv6. Plus
another two times for their SSL counterparts if SSL is enabled.

Like this:

It appears that this also works with Apache 2.4:

For ProFTPd we'd also need to "clone" the existing IPv4 containers for
each IPv6 IP address.

Sendmail and Dovecot just need to bind to all IP addresses (including
the IPv6 ones) and they'll be good to go.

So all in all ... it'll be possible and I'll try to figure out a way how
we can add it to 5209R in the somewhat longer run. Preferably in the
"dual stack" fashion, as it offers the most flexibility.

-- 
With best regards

Michael Stauber