Our office has a /24 IPv4 and a /48 IPv6 network since 2003, and all our public services are available on IPv4 and IPv6.
This is a test to see if it would be possible to run parts of the TERENA Secretariat office network on IPv6 only.
This page keeps track of progress, bugs, and issues with this transition.
I will start with all systems and services that are used only internally.
This is not the first time this has been tried out:
- Arkko & Keranen: IPv6-Only Experiences (October 2010)
Milestones
Date 2011-03-08 HP Printer IPv6 only Upgraded Laserjet 4250 with new print server, removed A record 2011-02-28 Host Removed IPv4 address and A record <ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ede4dda7-b8da-4eac-9651-fbd08d1616aa"><ac:plain-text-body><![CDATA[ 2011-02-07 Nagios runs only on IPv6 Configure ]]></ac:plain-text-body></ac:structured-macro> 2011-02-07 Host Removed IPv4 address and A record 2011-02-01 All linux servers run Postfix on IPv6 only (except listed MXs) Remove IPv4 addresses from 2011-01-31 All linux managed by SSH via IPv6 only Configure " 2011-01-30 All linux servers use only IPv6 resolvers Only IPv6 addresses in 2010-10-26 VPN supports IPv6 A new VPN setup: Cisco AnyConnect. Clients get an IPv4 and an IPv6 address from the office pools, so they can access all services via IPv6
ldap.terena.org
IPv6 only
Listen [2001:610:158:98d::42]:80
in /etc/apache/ports.conf
svn.terena.org
IPv6 only
$mynetworks
, and set "inet_protocols = ipv6
"
ListenAddress ::
" in sshd_config
/etc/resolv.conf
To avoid name resolution problems, it was necessary to copy to the legacy 127.0.1.1
entries to ::1
:
127.0.0.1 localhost 127.0.1.1 ldap.terena.org ldap # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback ldap.terena.org ldap
Misc issues
Skype
Skype does not support IPv6 at all. EPIC FAIL!!!! Please everybody VOTE FOR IPv6
Cisco Catalyst 3750
This switch does not support IPv6 access lists on VLANs. Needs replacing in 2011 anyway. New box might support NAT64?
Cisco AP1200
These access points do not support IPv6. Need replacing anyway. The AIR-AP1142N-E-K9 could be a drop-in replacement. Also does N.
Sharp AR-M276
This copier/printer does not support IPv6 at all.
Could not retrieve e-mail addresses for 'scan to email' after LDAP server went IPv6 only. Hack Work-around: manually put addresses in.
Our big Sharp MX2600n has IPv6 support, so we should get rid of this clunker on the first occasion.
Google Mini
This box does not support IPv6. Needs replacing in 2011 anyway, but don't forget to check!!
Axis Q1755 web cam
Can be configured to do IPv6, but only PING works
Investigate further.
Sharp MX-2600N printer
Does seem to do IPv6 (ping), but printing is not (yet) possible .
Investigate further.
Some tests indicate the Ecdysis works well.
Also, they presented at our own conference last year
Take into consideration!
Linux issues
|
PECL radius |
IPv6 doesn't work. Needed for TERENA web site. Update 2011-03-01: by upgrading Pear_Auth, Pear Live_User was able to use LDAP (via IPv6), without the Radius overhead. |
|
apt-get |
|
|
Pear Net_Socket |
Does not like IPv6 addresses, wrote patch. |
|
ntp |
|
|
ntp |
dumps core without IPv4 loopback address. Keep legacy 127.0.0.1 address |
|
Confluence and JIRA LDAP auth via IPv6 = b0rked |
Workaround: use IPv6 only hostname: |
|
Radiator |
Cannot use IPv6 LDAP server. Filed support ticket at Open.com.au. Fixed as of 2011-02-12. Also make sure to add flags to any custom perl hooks: |
|
Listmanager |
Custom email list manager, running on Erasmus. 2 lists were doing queries to |
|
Nmap |
Nmap only recognizes IPv6 resolvers by specifying " |
Windows issues
|
WinSCP |
Upgrade to 4.2.8 or later to get IPv6 going |
|
EMS PostgresQL manager |
Tunneling via SSH does not work. Native Postgres connections work, so the bug must be in |
|
TurtoiseSVN |
I had some repositories checked out with TurtoiseSVN, using my SSH keys from Putty/Pageant. Any actions on the repository started to have a really long delay after switching off IPv4 on the subversion server. Fixed after using the right repository URL format, in my case using the Putty session name instead of the host name. This session has everything set properly already. In my case the hostname is |
|
Remote Desktop client ( |
An RDP (Remote Desktop) connection to a Windows 7 computer using a hostname that only has a AAAA record takes 11 seconds. |
Mac OS X issues
|
Autoconfiguring name servers does not work for Mac OS X |
Macs need manually configured name servers, boo! |
|
CIFS client on Mac OS X does not support IPv6 |
Unable to file bug report due to lame web site ("An error has occurred. Please report the error to Apple Inc. by emailing the error detail to devbugs@apple.com.") |
|
CyberDuck does not work with IPv6 hostnames |
Use either literal IPv6 address, or IPv6-only host name |
To Do
|
VMware ESXi, Vcenter, VCB. These SHOULD work on IPv6. Curious if they really work on IPv6 only |
|