The Computer Networking module at my university didn’t seem to cover IPv6 in any great depth. It appears Surrey University haven’t even thought about providing IPv6 DNS records to any of their servers yet. But they do allocate IPv6 addresses to every user on the network (WiFi and ResNet I’ve found so far, but not the lab computers).
I decided to try and get IPv6 rolled out across all the domains on my VPS (perfectly hosted by bitfolk). This involved configuring IPv6 addresses for my VPS’ network interface, adding IPv6 AAAA records in my DNS server, setting up reverse DNS records for the IPv6 addresses I use, and making sure that my name servers have IPv6 AAAA records and glue records at my domain registrar. My VPS provider assigns each VPS a /64 of IPv6 space. I think that will be plenty of IP addresses for my needs 🙂
First problem I encountered was I failed to set up ip6tables correctly. Being used to using the simple ufw, which manages iptables for you, I had failed to think that ip6tables was filtering and then dropping my IPv6 packets! So once I understood properly how iptables worked, I was able to open up IPv6 traffic to my VPS (thanks @grifferz). Next I assigned 4 IPv6 addresses to my network adapater, after disabling auto configuration for IPv6.
I then added AAAA DNS records for the domains I host. So if you have IPv6 connectivity, you should now be viewing this blog over IPv6! AAAA DNS records are just like the A records but instead point to an IPv6 address, rather than IPv4. I then made sure that I had AAAA records for my DNS servers too.
Now my email. I have used Google Apps to host my email for a few years now. The main reason I use them is their excellent spam filter. But I was quite surprised to find that the MX servers they ask you to use aren’t IPv6 ready. And I can’t see anywhere that suggests this will be available in the near future.
I’ve been following through the he.net free IPv6 certification to make sure that I’m doing everything right. It’s been good to check that I’m doing everything correct and to understand what exactly I’m doing. Their tunnel service has also been useful for testing.
But by going through their free certification, I discovered glue records. I had always wondered how some domains have name servers defined under the same domain. For example andrewgee.org now has a name server of ns1.andrewgee.org. Glue records allow you to define these name servers at the registrar of your domain, by supplying the IP address of the name server. Now this doesn’t seem to be a widely supported feature, with few registrars allowing both IPv4 and IPv6 addresses for a name server. I’ve found a number of registrars that claim to, but I’m still waiting for their support departments to ensure this works for .uk domains.
So it hasn’t been a wasted easter break so far. I’d better get to some coursework soon, though.