OK. I've got IPv6. Now, what do I do with it?
My ISP just upgraded us to IPv6. I see that I have a /56 network. Sounds wonderful. What can I do with it?
The first thing I wanted to do was create an Apache website that uses SSL on one of my shiney new IPv6 addresses (I have a block of 18 ipv4 addresses, and they are all in use, so, going ipv6 is a great thing for this).
But, I don't know how to do it?
What are the steps here? For example, this is what I would do with ipv4 addresses...
1. Use ipcalc to calculate out the address space:
michael@backup01:/home/mic
Address: 192.168.1.10 11000000.10101000.00000001
Netmask: 255.255.255.240 = 28 11111111.11111111.11111111
Wildcard: 0.0.0.15 00000000.00000000.00000000
=>
Network: 192.168.1.0/28 11000000.10101000.00000001
HostMin: 192.168.1.1 11000000.10101000.00000001
HostMax: 192.168.1.14 11000000.10101000.00000001
Broadcast: 192.168.1.15 11000000.10101000.00000001
Hosts/Net: 14 Class C, Private Internet
This shows me that I have 14 usable addresses. I know my HostMax is the gateway, and I know my HostMin is the device (router). So, I have 13 usable in this example.
2. Consult my spreadsheet to see that 192.168.1.1 - 192.168.1.8 are all in use.
3. Configure my new site on 192.168.1.9.
What does this procedure look like with IPv6?
The first thing I wanted to do was create an Apache website that uses SSL on one of my shiney new IPv6 addresses (I have a block of 18 ipv4 addresses, and they are all in use, so, going ipv6 is a great thing for this).
But, I don't know how to do it?
What are the steps here? For example, this is what I would do with ipv4 addresses...
1. Use ipcalc to calculate out the address space:
michael@backup01:/home/mic
Address: 192.168.1.10 11000000.10101000.00000001
Netmask: 255.255.255.240 = 28 11111111.11111111.11111111
Wildcard: 0.0.0.15 00000000.00000000.00000000
=>
Network: 192.168.1.0/28 11000000.10101000.00000001
HostMin: 192.168.1.1 11000000.10101000.00000001
HostMax: 192.168.1.14 11000000.10101000.00000001
Broadcast: 192.168.1.15 11000000.10101000.00000001
Hosts/Net: 14 Class C, Private Internet
This shows me that I have 14 usable addresses. I know my HostMax is the gateway, and I know my HostMin is the device (router). So, I have 13 usable in this example.
2. Consult my spreadsheet to see that 192.168.1.1 - 192.168.1.8 are all in use.
3. Configure my new site on 192.168.1.9.
What does this procedure look like with IPv6?
As Mahesh stated, you to configure your firewall/router NAT your public IPV6 addresses to your internal IPV4.
You also need to:
Add AAAA records to the DNS server that does your name resolution for you on the Internet. This allows somebody to get your IP V6 address when they look up your host name.
Last, but not least, you need to wait for the rest of the world to start using IPV6 so they will do a IPV6 name lookup for the AAAA record you created above.
You also need to:
Add AAAA records to the DNS server that does your name resolution for you on the Internet. This allows somebody to get your IP V6 address when they look up your host name.
Last, but not least, you need to wait for the rest of the world to start using IPV6 so they will do a IPV6 name lookup for the AAAA record you created above.
ASKER
The server in question is on a public IP address. It's not behind a firewall. So I'm assuming I should be able to just add another network device and it should just pull a brand-new IPv6 address from upstream. The problem is I don't know how to force this.
you don't pull a ipv6 address you assign it either via dhcp or in the tcpip ipv6 properties of the network adapter.
Even if you get an IPV6 address via DHCP, if you want to actually have people connect to it using IPV6 you need to somehow get a DNS entry (AAAA record for IPV6) pointing to the IPV6 address.
If course setting it up for IPV6 DHCP assumes that you, or your ISP, has an IPV6 DHCP server setup.
If course setting it up for IPV6 DHCP assumes that you, or your ISP, has an IPV6 DHCP server setup.
U need to check with ISP, how you will get IPv6 Public IP (static or dynamic), If its dynamic, ISP will create reservation on his DHCP IPv6 scope for your specific IPV6 address
OR
He will provide you static IP which you could set directly on server
In any case as stated giltjr, you do require Host(AAAA) record to be created on public DNS server (ISP DNS server) and in order to replicate that to all internet dns servers, it will take at least 12 HRS, after that it will be resolvable from entire internet world.
OR
He will provide you static IP which you could set directly on server
In any case as stated giltjr, you do require Host(AAAA) record to be created on public DNS server (ISP DNS server) and in order to replicate that to all internet dns servers, it will take at least 12 HRS, after that it will be resolvable from entire internet world.
ASKER
Somehow, these answers have gotten way off topic.
My question here is diretly related to putting a server with SSL on the "public" internet with IPv6. That means, when I put a AAAA record in the DNS, users anywehre in the world can connect (provided they have ipv6).
In IPv4, we had to get a public static IP; however, with IPv6, it seems that concept has gone away.
@David Johnson:
I have IPv6 DHCP severs setup in my LAN, but that is not part of this question. The server in question is currently outside my LAN on a public ipv4 address. It's a linux box, and it has "magically" received an IPv6 address. I can only assume it came from Comcast, our ISP. So, I want to add 10 more IPv6 addresses to the box using logical network adapaters.
@giltjr:
This is exactly my question. Rephrased.
@Mahesh:
They have assigned me a /56, which means I should have 256 subnets, and each subnet gives me 18,446,744,073,709,551,616
So far, I've used 1. I want to use 10 more.
My question here is diretly related to putting a server with SSL on the "public" internet with IPv6. That means, when I put a AAAA record in the DNS, users anywehre in the world can connect (provided they have ipv6).
In IPv4, we had to get a public static IP; however, with IPv6, it seems that concept has gone away.
@David Johnson:
I have IPv6 DHCP severs setup in my LAN, but that is not part of this question. The server in question is currently outside my LAN on a public ipv4 address. It's a linux box, and it has "magically" received an IPv6 address. I can only assume it came from Comcast, our ISP. So, I want to add 10 more IPv6 addresses to the box using logical network adapaters.
@giltjr:
This is exactly my question. Rephrased.
@Mahesh:
They have assigned me a /56, which means I should have 256 subnets, and each subnet gives me 18,446,744,073,709,551,616
So far, I've used 1. I want to use 10 more.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Qlemo... exactly. But, how do I calculate out another address on the network?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
U need to do some work on firewall \ gateway device I guess
U need to do public IPV6 to private IPv4 conversion (NAT64 \ 6 to 4) \ translation
http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/enterprise-ipv6-solution/white_paper_c11-676278.html
Check your device vendor documentation