Parliament Hill Computers LtdParliament Hill Computers Ltd

IPv6 for RedHat and CentOS


Overview

This machine was configured to use IPv6 in April 2009. This web page is a brief collection of notes of what needed to be done.

Head over to be congratulated once you have achived IPv6 connectivity. This site may only be reached via IPv6.

If you have not got there you may find some more hints at the ipv4 companion site.

Machine description

The machine is a virtual private server hosted by bytemark. It is running CentOS release 6 (a Linux distribution). The initial work was done when the machine was running CentOS 4.

The work that was needed on the individual components is described below. The description is what was done when the machine was converted, some details have changed since.

Operating system

Network interfaces

/etc/sysconfig/network-scripts/ifcfg-eth0, add: 

IPV6ADDR=2001:41c8:1:5076::2/64
IPV6_DEFAULTGW=2001:41c8:1:5076::1
IPV6INIT=yes

To /etc/sysconfig/network add:

NETWORKING_IPV6=yes

Firewall

Install RPM iptables-ipv6. The firewall is then constructed as per an IPv4 firewall but by using ip6tables instead of iptables.

Web server — Apache

No work was needed.

Terminal login — ssh

No work was needed.

File sharing — rsync

Rsync is started via xinetd, all that was needed was to add to /etc/xinetd.d/rsync the line (listening on IPv4 will happen anyway): 

flags = IPv6

File sharing — vsftpd

I updated /etc/vsftpd/vsftpd.conf to include the line:

listen_ipv6=YES

DNS — bind

The configuration files are under /var/named/chroot/, you might find them on your system directly under /etc/ and /var/named/. Change /etc/named.conf.

Add: 

options {
    listen-on-v6 { any; };
}

In fact the options already existed, so it was just listen-on-v6 that needed to be added.

A couple of ACLs (Access Control Lists) needed to be modified and have IPv6 addresses added: 

acl internal { 80.68.91.63; 127.0.0.1/8; 213.152.38.186; 2001:41c8:1:5076::2/64; ::1/128; };
acl world    { 0.0.0.0/0; 0::0/0; };

MTA — Exim

Exim is the MTA that is used. This is compiled from source, change Local/Makefile, add: 

HAVE_IPV6=YES

IMAP — Dovecot

Nothing was done since there were not any users wanting to reach this service over IPv6. The only access is from a webmail application, ie localhost.

Return to tutorial home.

If you want any help using the above, or have any comments or suggestions, please contact us.