barnabyjeans.ca goes IPv6
UPDATE: As I have changed hosting providers, the following information no longer applies, however, is left as a reference for others who may be trying to get IPv6 up and running.
A couple of months ago I got IPv6 up and running at home, now that I have that working, the next logical step was to setup a server that I could connect to using IPv6. Over the last few weeks I have been working on getting https://barnabyjeans.ca to not only speak IPv4 but also be accessible over IPv6. The good news is that this is now working and you can access this site over IPv6. If you are experimenting with IPv6, you should automatically connect over IPv6 as there are both A and AAAA records setup for that server. However, if you have IPv6 setup but name resolution isn’t working you may want to try accessing the site via the following https://[2001:470:1f04:39a::2] (depending on your operating system, this may or may not work). You should notice down at the bottom of the page (under the community server logo) is the IP address you are connecting from. If you are hitting the server over IPv6, you should see your IPv6 address down there, if not, you will see your traditional IPv4 address.
Now that I have that out of the way, how did I go about getting the server to talk IPv6? I’ll try to outline the steps below, but as with anything, you will probably want to try this out in a controlled environment before rolling this out more broadly.
- Decide how you are going to get your IPv6 address. For this server, I decided to try Hurricane Electric’s free tunnel broker which you can find at https://tunnelbroker.net.
- Once you have registered and signed into the https://tunnelbroker.net site, you will need to request a new tunnel and provide the current IPv4 address of your endpoint (server). As we are setting this up on an Internet facing server, you will likely have a public IP so this step should be pretty straight forward. If your server sits behind a firewall they you will need to use the firewall IP address and, very importantly, make sure that your firewall passes protocol-41 traffic.
- After you have requested your tunnel, you will be provided with some important pieces of information, specifically:
Server IPv4 address:220.127.116.11 - note this isn’t your server IP address - this is the tunnel server endpoint
Server IPv6 address:2001:470:????:???::?/64
Client IPv4 address: aa.bb.cc.dd - this should be the public IP address of your server
Client IPv6 address:2001:????:????:????::?/64 - this will become the IPv6 address for your server
- you will also notice some instructions on how to configure various operating systems to use the information above. In our case we’ll select Vista/2008 (this seems counter-intuitive as we are using Server 2003, however, this option provides you with the “netsh” commands that you will need to get this working.
- Enable IPv6 on the server. In this case Windows Server 2003 so the following command should do the trick
netsh interface ipv6 install
- once you have ipv6 installed on the server, you can make use of the commands as mentioned in #4 above. They will likely look like the following (I’ve replaced the actual values with $ClientIP, etc):
netsh interface ipv6 add v6v4tunnel IP6Tunnel $ClientIP $ServerIP netsh interface ipv6 add address IP6Tunnel $ClientIPv6 netsh interface ipv6 add route ::/0 IP6Tunnel $ServerIPv6
- once you have completed these steps, you may want to try the following commands to see if you are connecting via IPv6:
ping -6 www.kame.net ping -6 www.sixxs.net
These commands should be successful unless you have a firewall that is blocking ICMPv6
- lastly, if you have any websites currently running, you will need restart IIS to have it listen over IPv6. The following article discusses IIS and IPv6 specifically: https://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/6ad3cff7-10f7-4499-8673-e866795607d1.mspx?mfr=true
There is a great page on Technet site that covers a lot of the background on IPv6 and is worth a read - http://technet.microsoft.com/en-ca/network/bb530961.aspx