Ubuntu/centos IPv6 configuration

Time:2022-5-29

IPv4 network

In real life, we need to give a person, such as Zhang San. When delivering information or items, we need to know Zhang San’s address or mobile number or other signs that can find him.

Similarly, when we want to communicate with Zhang San in the network, we need to know Zhang San’s network ID;

In modern network communication, this identity is IP

Ubuntu/centos IPv6 configuration

The figure above is a simple network diagram

When user a needs to communicate with webserver, he only needs to know the IP address of the other party

However, one day, user a felt that it was too monotonous to remember the number of IP every time, and user a had many such communication records. He had to find the corresponding IP of the communication records every time to communicate. Life should not be so boring.

So user a gives a name to each contact object in the address book, but only user a knows the name at this time, and everyone doesn’t know it. What should I do?

So user a notified the contacts in the address book and agreed on their respective communication names with these contacts. In order to ensure security, accuracy, no tampering and easy query, user a agreed to choose a place to store this communication directory, so the DNS server was born.

  • Mailing address: IP
  • Communication name of each contact: domain name
  • Communication name directory: IP domain name
  • Storage place of communication name directory: DNS server

Communication scenario:

When user a visits www.loveyou COM, user a’s computer will first query www.loveyou COM, and then request the required resources according to the communication address.

IPv6

With the spider web? With the expansion day by day, user a found that the communication address (IPv4) was not enough, so he discussed with everyone to get a new communication address, so IPv6 came.

So how does IPv6 communicate?

Sample, I just changed the vest and upgraded it? I don’t know?

The basic elements of network communication remain the same. Don’t feel very tall when you see IPv6. It seems that I have gone to another world. I don’t know anything. It’s still the same when I peel off the skin of IPv6!

  • Mailing address: IP
  • Communication name of each contact: domain name
  • Communication name directory: IP domain name
  • Storage place of communication name directory: DNS server

Have the IPv6 configuration requirements been clarified?

Request IPv6 address

1、IPv6 addressClick Register to register an account

Ubuntu/centos IPv6 configuration

Ubuntu/centos IPv6 configuration

2. After the registration is completed, it needs to be verified. Just click the link of the corresponding email in the filled email

3. After logging in, click the on the leftCreate Regular Tunnel, fill in the IP address of the server on the right, and click thecreate TunnelAll right

Ubuntu/centos IPv6 configuration

4. Page after creation

Ubuntu/centos IPv6 configuration

5. ClickExample Configurations, select the operating system corresponding to the server, and the corresponding configuration will be automatically generated. Paste the automatically generated content to the/etc/network/interfacesJust at the bottom of the file. This step is to configure the IPv6 address of the server

Ubuntu/centos IPv6 configuration

6. The IPv6 service of the server is turned off by default. It needs to be manually turned on and modified/etc/sysctl.confInside

net.IPv6.conf.all.disable_IPv6 = 1

net.IPv6.conf.default.disable_IPv6 = 1

net.IPv6.conf.lo.disable_IPv6 = 1

Change to

net.IPv6.conf.all.disable_IPv6 = 0

net.IPv6.conf.default.disable_IPv6 = 0

net.IPv6.conf.lo.disable_IPv6 = 0

7. Configure nginx, express or other web services to support IPv6

Take nginx as an example:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    Server_ Name your domain name; 


    # Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
    return 301 https://$server_name$request_uri;
}

server {

    #Using http/2 requires a version above nginx1.9.7
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
}

8. Restart the server (it should not be necessary to restart, but I’m lazy and can’t remember how to load it hot)

9. Add IPv6 resolution to domain name

  • A (address) record: configure the domain name to point to an IPv4 address (such as 8.8.8.1) and add a record
  • CNAME record: alias; If you point a domain name to a domain name to achieve the same access effect as the pointed domain name, you need to add CNAME records
  • MX record: establish an e-mail service, which will point to the e-mail server address. MX records need to be set
  • NS record: domain name resolution server record, that is, to specify a domain name server to resolve the subdomain name, you need to set the NS record
  • Txt record: used for SPF record and anti spam
  • SRV record: used to record the service provided by a server
  • AAAA record: the domain name points to an IPv6 address record
  • URL record: if you want to access the contents of domain B when accessing domain a, you can forward the domain a to domain B or a directory of domain B through URL forwarding; Such as xxx Example Com forward tohttp://www.XXX.com/details

According to the resolution rules provided by DNS, we need to add an AAAA resolution to the domain name. This resolution usually takes about 10 minutes to take effect

Domain name configuration IPv6 address resolution

$ dig www.xxx.cn AAAA +noall +answer

; <<>> DiG 9.8.3-P1 <<>> www.xxx.cn AAAA +noall +answer
;; global options: +cmd
www.xxx.cn.        600    IN    AAAA    20XX:4XX:XX:XXX::2

The domain name is not configured with IPv6 address resolution

$ dig www.xxxa.cn AAAA +noall +answer

; <<>> DiG 9.8.3-P1 <<>> www.xxxa.cn AAAA +noall +answer
;; global options: +cmd

10. Let’s test whether webserver supports IPv6

IPv6 test URL

Enter the nginx web domain name just configured to support IPv6

Ubuntu/centos IPv6 configuration

You can see that the corresponding web of nginx already supports IPv6, but there is aIPv6 DNS ServerThere is a hint

This domain has no IPv6 DNS server, this may prevent some IPv6-only users from reaching it.

The DNS server that resolves this domain name isDNS server for IPv4, noDNS server for IPv6, which will cause users who only support IPv6 to be unable to access the domain name. All users need a supportDNS server for IPv6

11. Modify DNS server for domain name resolution

At present, the default NDS server for the domain name of Wannet is the IPv4 DNS server. If you want to support IPv6 only, you need to modify the DNS server

IPv6 DNS server reference link 1, does not guarantee the authenticity, and should bear its own responsibility

IPv6 DNS server reference link 2, does not guarantee the authenticity, and should bear its own responsibility

12. IOS friends can play happily

Since early May, 2016, apple expressly stipulated that all developers should submit new versions after June 1 to support IPv6 only networks

Configuration required by IOS app

1. The domain name of API needs to support IPv6
2. IPv6 support is required in the background
3. The app needs to support IPv6
4、DNSServer can useIPv4ofDNSServer (because most networks do not support full linkIPv6, usingIPv6ofDNSServer may fail to resolve)

Non ECS configuration

1. If the company has its own hardware server and firewall, it needs to set IPv6 NAT address mapping on the firewall to ensure that users can access the intranet when using IPv6 address.

For specific configuration methods, please consult the configuration manual of the corresponding hardware. It is best to consult the hardware provider to see whether the hardware supports IPv6 NAT configuration