Quinn Labs: A website about building websites

ipv6 cover

AAAA! Are you ready for IPv6?

ARIN announced July 1 that they had approved an “address request that was larger than the available inventory” of IPv4 addresses. ARIN’s service area comprises the US and Canada, plus some Atlantic and Caribbean islands.

Because IPv4 and IPv6 don’t directly interoporate, some internet users will eventually not have access to the old IPv4 network. Setting up your web site to accept IPv6 as well as IPv4 connections will future-proof it and allow for universal access.

To do that, you should look into getting your server an IPv6 address (it may even already have one). You’ll also need to tell the DNS about the IPv6 address, so that users and devices using IPv6 can find your site on the IPv6 network.

Setting up a server for IPv6

The details of setting up a web server for IPv6 depend on your hosting provider and server operating system. At Quinn Labs, we’re using FreeBSD hosted at RootBSD. The server housing this site automatically has access to IPv6, with 18,446,744,073,709,551,999 addresses available to this server.

That unimaginably huge number (over 18 quintillion addresses, 1.8 × 1019, or 264), is a tiny fraction of the total IPv6 address space, which consists of 2128 or 3.4 × 1038 addresses.

In our case, RootBSD has assigned us the address prefix 2607:FC50:1:f600::/64. The “/64” is the prefix length in bits. With 64 bits, we have access to 264 addresses. However, we need only one of them. We chose 2607:FC50:1:f600::2, because 2607:FC50:1:f600::1 is reserved for the router, which links our web server to the rest of the internet. We added 2 lines to a FreeBSD configuration file, and rebooted the server:

ifconfig_xn0_ipv6="inet6 2607:fc50:1:f600::2"
ipv6_defaultrouter="2607:fc50:1:f600::1"

Adding an AAAA record to your DNS

For other IPv6 users to find quinnlabs.com, we had to update our DNS with an AAAA record. AAAA is the DNS record type for IPv6 addresses (A is the record type for IPv4) addresses. So we updated our DNS configuration using our DNS provider’s web site:

Our DNS AAAA record

Our DNS AAAA record

The name of the record is @, which is DNS shorthand for “this domain”; so in our case it stands for “quinnlabs.com”.

Trying out IPv6 on your computer

Your Public IP Address: 2600:1010:b01e:737b:8502:194e:6e44:a9b0

Your Public IP Address: 2600:1010:b01e:737b:8502:194e:6e44:a9b0

The “computer” most likely to already have an IPv6 address is your smartphone. Here’s an iPhone screenshot of whatismyip.com, a service that tells you what your public IP address is.

To try this on your phone, make sure it is not on a WiFi network, but is using the cellular network.

Many ISPs do not have IPv6 service yet, but that doesn’t mean you can’t try out IPv6 on your computer.

To check out IPv6 on your conventional PC or laptop, the first thing to do is see whether you have IPv6 already. You can do that by visiting Test IPv6. You’ll get a quick report about your IPv6 connectivity.

If you don’t have IPv6, you can create a “tunnel” from your IPv4 network on Hurricane Electric’s free tunnel broker. You’ll need to register, then use the link to Create Regular Tunnel. This is a one-time setup. On future visits, you can just re-use the tunnel you create initially.

Once you’ve created your tunnel, visit its detail page. On the “Example Configurations Tab,” choose your operating system.

For example, for Mac OS X, you’ll see commands like these:

ifconfig gif0 create
ifconfig gif0 tunnel YOUR.PUBLIC.IP.168 64.62.134.130
ifconfig gif0 inet6 ZZZZ:WWWW:WWWW:781::2 ZZZZ:WWWW:WWWW:781::1 prefixlen 128
route -n add -inet6 default ZZZZ:WWWW:WWWW:66:781::1

On recent versions of OS X, you don’t need the first command. In the second command, replace the address where we’ve put “YOUR.PUBLIC.IP.168” with the address shown in the network preferences advanced TCP/IP panel, as shown below.

Network preferences

Network preferences

When you actually execute these commands, you’ll need to do them as root, so prefix them with sudo.

Once you do the commands, your system will have IPv6 access through the tunnel. Revisit Test IPv6 to see the changes.

The tunnel will work until you reboot or change networks. The changes aren’t sticky, so, if you should run into problems, rebooting will clear them up. Whenever you reboot or change networks, re-do the commands with your new network’s information.

If you have a server that you can ssh into, ssh to it with the -6 option. With lsof -i :ssh, you can see your IPv6 connection, as in the example below, which shows both an IPv4 and an IPv6 connection. If you don’t have lsof, you can use netstat, and look for lines starting with “tcp6”.

scalzi.quinn.com:ssh->c-XXX-XX-XXX-168.hsd1.ca.comcast.net:55427 (ESTABLISHED)
scalzi.quinn.com:ssh->XXX-1-pt.tunnel.tserv29.fmt1.ipv6.he.net:55455 (ESTABLISHED)

Note: addresses above have been obfuscated.

About the Author

  • fred

    Fred Condo

    Fred has a Ph.D. in the Management of Information Systems and Cognitive Psychology from Claremont Graduate School, and is Chief Engineer at Quinn Interactive. He taught a graduate level class, “Principles of Usability” at the Academy of Art in San Francisco, and was an Assistant Professor in the Communication Design department at California State University, Chico for 6 years, teaching web development and human factors. Fred got into SilverStripe in 2008. He has made 35 commits to the SilverStripe framework repository, which makes him the 36th-most prolific contributor to the project (as of November 2014). You should follow him on GitHub here.

    More from Fred Condo