Zaf’s Blog

Contra to popular belief, IPv6 is here, now, and is working.

In fact, you’re using it right now. There are a number of machines located in my “data-centre” network at my house. These machines all have IPv6 addresses. Actually, Cerberus, the firewall, is responsible for allocating the IPv6 addresses. Its an IPv6 router, and issues addresses to any machine in the network (think IPv6, but better).

The webserver that you are currently talking to is actually listening on an IPv6 address only. Cerberus runs an IPv4 to v6 reverse web proxy. If you actually are using an IPv6 connection, you will bypass Cerberus and connect directly to this machine (darwin.nrc.co.nz).

One of my websites, Psylon.co.nz is accessible only via IPv6.

Why am I doing it this way? One its a great learning process. Two it makes maintenance much easier. I don’t use name-based virtual hosting with my primary webserver. Each website gets its own IPv6 address. True the cerberus v4 gateway makes it all name-based when using v4, but when using v6, it all works very very well.

The only thing wrong with my setup is I have chosen not to set my system up with a tunneled v6 address as the primary address. My primary IP address range is 2002:3cea:9ce3::/48, which is a 6to4 IP address. (This IP address range is the range thats issued to all the clients on my network. In theory I could issue tunneled (see below) addresses to my clients and leave the routing decision to the client, but this would be inefficient). The end result is that any site which is properly configured for IPv6 can route to my sites without routing through slow tunnels.

I also have a tunnel (2001:388:c034::/48) provided by aarnet.net.au, which as far as I can figure, is the fastest tunnel broker for me. It adds about 200ms. At the moment, I only use the tunnel to route to non 6to4 addresses.

For my next blog entry, I’ll attempt to document how I’ve set all this up, and what problems I ran into.

This entry was posted on Saturday, May 12th, 2007 at 2:12 pm and is filed under post. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.