IPv6 Certification Program Topics > General Discussion

Software configs

(1/3) > >>

broquea:
So by default, at least on the more recent versions of Fedora, CentOS, Ubuntu and FreeBSD that I've configured, most services seem ready out of the box for IPv6, mostly in a dual-stack default way.

OpenSSH: sshd_config

--- Code: ---#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
--- End code ---
Should already be set, which makes it listen on any address configured, IPv4 or IPv6. So if you only want it available on 1 IP, set it there.

Postfix: main.cf

--- Code: ---inet_interfaces = all
inet_protocols = all
--- End code ---
Since I run dual-stack, the second line makes it use both IPv4 & IPv6. First line I have that way by default, but would make sense if you've terminated a tunnel on your mail server and need that interface included.

Apache: httpd.conf

--- Code: ---Listen 80
--- End code ---
This again has been dual-stack happy since by default it is configured to just listen on port 80 regardless of the IP. You can of course do the whole virtual-hosting, and configure like:

--- Code: ---<VirtualHost x.x.x.x:80 [A:B:C:D::F]:80>
--- End code ---
Where x.x.x.x is your IPv4 address and A:B:C:D::F your IPv6.

Dovecot: dovecot.conf

--- Code: ---listen = [*]
listen = [::]
--- End code ---
Again I run dual-stack so I want both configured. You can always lock it down to single IPs.


If anyone has more examples, please share!

kriteknetworks:

--- Code: ---<bind-address>::</bind-address>

--- End code ---

will listen on all ipv4/6 interfaces by default
Optionally specific addresses can be assigned, ipv4/6

kriteknetworks:
in your sendmail.mc (or $HOSTNAME.mc fbsd 7.x) put the following:


--- Code: ---dnl Enable for both IPv4 and IPv6 (optional)
DAEMON_OPTIONS(`Name=IPv4, Family=inet, Addr=xxx.xxx.xxx.xxx')dnl
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Addr=200x:xxxx:xxxx:xxxx::xxxx')dnl

--- End code ---

rebuild sendmail.cf, backup old sendmail.cf, cp new one over, restart sendmail, lsof -itcp:25 or netstat to confirm listening on specified IPs.

NOTE: slackware linux does not enable ipv6 in sendmail, requires building from scratch. I have no experience with sendmail on other linux distros, so I don't know what support they ship sendmail with.

broquea:
BIND(9):

Here are some examples from working in-production personal stuff. These are just how I've always configured my zones from some ancient bind zone-file generating script long lost and not forgotten.

named.conf; reverse zone for /64:

--- Code: ---zone "9.0.0.0.1.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa" {
type master;
file "/etc/bind/reverse-2001-470-1-9_64.IP6.ARPA";
allow-transfer {
};
};

--- End code ---

reverse-2001-470-1-9_64.IP6.ARPA:

--- Code: ---$TTL 300
@ IN SOA 9.0.0.0.1.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa. broquea.deus-exmachina.net. (
200810210 ; Serial number (YYYYMMdd)
24h ; Refresh time
30m ; Retry time
2d ; Expire time
3d ; Default TTL (bind 8 ignores this, bind 9 needs it)
)

                                ; Name server entries
                                IN     NS     ns1.deus-exmachina.net.
; IPv6 PTR entries

; Subnet #1
$ORIGIN 9.0.0.0.1.0.0.0.0.7.4.0.1.0.0.2.ip6.arpa.

a.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0         IN      PTR     master.deus-exmachina.net.
b.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0         IN      PTR     deus-exmachina.net.
c.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0         IN      PTR     ns1.deus-exmachina.net.
6.2.0.0.0.0.0.0.0.0.0.0.0.0.0.0         IN      PTR     onion-cafe.com.

--- End code ---

Zonefile for one of my domains, showing AAAA examples:

--- Code: ---$TTL 300
onion-cafe.com. IN    SOA   ns1.deus-exmachina.net. broquea.deus-exmachina.net. (
                  200810220   ;serial
                  8H       ;refresh
                  2H         ;retry
                  1W         ;expire
                  1D )

IN NS ns1.deus-exmachina.net.
IN NS ns2.deus-exmachina.net.
IN MX 1 mail.onion-cafe.com.
IN A 72.52.116.26
IN AAAA    2001:470:1:9::26
mail IN A 72.52.116.26
IN AAAA 2001:470:1:9::26
www IN A 72.52.116.26
IN AAAA 2001:470:1:9::26

--- End code ---

This is not the secret message.

ericj:
/etc/proftpd/proftpd.conf

--- Code: ---UseIPv6 on
--- End code ---
(usually set by default)

Navigation

[0] Message Index

[#] Next page

Go to full version