Thursday, September 15, 2011

Should Webhosts worry about IPv6?


Well, if your already setup, then you wont have to worry too much. At the current rate, the general opinion is that new hosts will have to be assigned IPv6 addresses by 2012(if the world doesn’t end). So if those hosts wish to communicate with the other IPv4 servers, using the IPv4 network infrastructure, hosts will have to start understanding both IPv4 and IPv6. At least till the transition is complete. To make the transition as smooth as possible, various transition mechanisms have been put forward, of which RFC 4213(Basic Transition Mechanisms for IPv6 Hosts and Routers) will make an interesting read for any Webhost who plans to buy servers after 2012. More after the jump.

Why IPv6?

When I bought my first PC, a friend of mine said “A 2GB HDD?? What are you going to do with all that space? Its going to be a waste!”. Well, that was before someone invented a lossy data compression method called MPEG-2 Audio Layer III. Thats pretty much whats happening with IPv4 addresses. Mobile devices now do more than just make calls, various services requiring the device to have its own IP address. Virtualization technologies have allowed single physical hosts to host multiple servers, each requiring their own blocks of address. Always-on broadband connections, inefficient address use and basically just more people on the net, have all led to IP address usage far exceeding the expectations when IPv4 was first developed. Besides various other security and QoS enhancements, a jump from 32bit to 128bit addresses is the most significant, or the most needed, change in Internet Protocol version 6.

What will I have to change?

The mechanisms in this document are designed to be employed by IPv6 hosts and routers that need to inter-operate with IPv4 hosts and utilize IPv4 routing infrastructures. We expect that most nodes in the Internet will need such compatibility for a long time to come, and perhaps even indefinitely. - quote from RFC4213
That last line is quite comforting, it lets you know that not many people expect the transition to be complete. IPv4 maybe be around longer, much much longer. But if you purchase hosts after 2012, you’ll most probably get an IPv6 address(es). Two mechanisms put forward by RFC4213 to help with the transitions are dual stack and configured tunneling. Neither of which you will have to worry about, as they will be taken care of by either your OS or DC. Most OSes today that support IPv6 implement a hybrid IPv4-IPv6 stack. However something that may effect you directly is IPv6 address resolution. i.e. Getting your nameservers to handle IPv6 address, and that will be what I’ll be talking about in my post next week. Check back for other interesting posts from my fellow bloggers.

IPv6 in your OS

Latest releases of all major OSes currently support IPv6 out of the box.

For Linux

IPv6 support has been available for the 2.4.x kernel, but it is recommended you switch to the 2.6.x kernel to be IPv6-up-to-date(among other reasons). To test if your server support IPv6, simply run the following command:
test -f /proc/net/if_inet6 && echo "Running kernel is IPv6 ready"
If it displays the “Running kernel is IPv6 ready” message, your server is IPv6 ready. If not, you can find out more on how to load the IPv6 modules here.

For Windows

Support for IPv6 is built into the latest versions of Microsoft Windows, which include Windows 7, Windows Server 2008 R2, Windows Vista, Windows Server 2008, Windows Server 2003, Windows XP with Service Pack 2, Windows XP with Service Pack 1, Windows XP Embedded SP1, and Windows CE .NET.

IPv6 at your DC

Support for IPv6 may not necessarily require new hardware, as support can enabled via software/firmware upgrades, if the current hardware has enough storage and memory space to support the new IPv6 stack. However various “IPv6 ready” devices are being marketed with “advanced” support. So contact your DC if you need to know more. But if they are selling you servers IPv6 addresses by 2012, I guess its safe to assume they have the necessary equipment in place :)

The IPv6 Address Space

IPv4 uses a 32-bit address space. These 32 bits of data are stored as binary numbers(1’s and 0’s), but to make them easier for us to understand, they are displayed as blocks of decimal numbers separated by a “.”. Hence the familiar 192.168.1.1 notation. IPv6 uses 128-bits of data to represent an IP address. So if we were to use the same decimal notation, it would go up to 39 digits. To avoid lengthy notations, IPv6 will use a hexadecimal notation. i.e. a combination of numbers 0-9 and letters a-f(10-15). This reduces the number of characters required to represent an IPv6 address down to 32. IPv4 address are broken into 4 blocks of 8bits each separated by a “.”, IPv6 uses 8 blocks of 16 bits each separated by a “:”. So an IPv6 address in this notation would look something like this:
5852:d721:6b39f:0e32:99e6:34bb2:7134:43ff

But leading zeros in each block are omitted, and whole blocks of zeros are represented by “::”. So the address above would be more correctly represented as:
5852:d721:6b39f:e32:99e6:34bb2:7134:43ff

The familiar 127.0.0.1 “localhost” in IPv4 is represented as:
0000:0000:0000:0000:0000:0000:0000:0001
which shorten downs to:
::1

Ok, now that we know what IPv6 IP address are all about in part I and II, lets take a look at what it would be like using them for sites hosted on your server.
Once you’ve ensured that your OS and your DC are setup to support IPv6, the next step would be to start configuring your services to understand and handle IPv6 addresses. One of the services that you will need to ensure is IPv6 ready, is your DNS service. Bind ver 9.x and the DNS Server service of Windows Server 2003/2008 both currently support IPv6. IPv6 support in Bind is not enabled by default, so if you are using a plain server with no control panel, you will have to recompile Bind to enable IPv6 support. If you are using a control panel, you will have to check your control panel documentation for more details. As of writting this post, only DirectAdmin has announced its partial support for IPv6. Other two popular control panels Plesk and cPanel have not yet announced support for IPv6, but it seems work on it is currently in progress. cPanel has mentioned it in their FAQ here.

Adding IPv6 IP Addresses

Even though most control panels do not support adding IPv6 addresses now, you can still test by manually adding IPv6 address to the DNS zone file of your domains. The DNS servers currently in use with most popular control panels, on both Linux and Windows servers, already support IPv6 host records. There are currently two resouce record types in contention for this post, they are A6 and AAAA. Just like how the A record defines an IPv4 record, the A6 and AAAA records can be used to define IPv6 records. Both are currently supported by DNS servers, and you can read a comparison of them here.
Now that you know what resource record to use, adding the record to the DNS zone of your domain is just like adding any other record. e.g. If the IPv6 IP address of my domain was 5852:d721:6b39f:e32:99e6:34bb2:7134:43ff, the DNS record that would point my domain to that IP address would be:

my.domain. IN AAAA 5852:d721:6b39f:e32:99e6:34bb2:7134:43ff

Once that is setup a quick lookup using dig or nslookup would report this as the IP address of my domain. Thats it! Well, mostly. Assuming that this IPv6 IP address points to a server that is fully IPv6 ready. i.e. It has Apache listening on this address and a VirtualHost setup on that IP. Not to mention other services like Mail, MySQL etc also understanding the IPv6 address. But don’t worry, by the time IPv6 addresses hit the hosting industry, all control panels will already support IPv6 so you wont have to worry about configuring these services! Hope these articles helped give you a better idea about IPv6 and its use in the webhosting industry.