How to enable IPv6 for your site (Debian with Apache)

This guide is for current Ubuntu (12.x/13.x) and Debain (wheezy) sytems with Apache 2.2.

Last week my router decided to just get a IPv6 address and no normal IPv4. Except of Google and some other big sites nothing worked anymore. So I decided to enable IPv6 for my server.

It is easy to enable IPv6 and be ready for the future. Mostly all components are already IPv6 ready, but sadly big ISPs and some servers don't use it.

Step 1:

Find out your IPv6 address range. You will get this from your server provider and it looks like 2a01:4f8:140:54e4::/64
Now we need to tell our network controller to listen to your IPv6 address. Open the file /etc/network/interface with your favorite editor.

# Loopback device:
auto lo
iface lo inet loopback

# device: eth0
auto  eth0
iface eth0 inet static
  # old IPv4 config. You don't have to touch this part.
  address   xx.xx.xx.xx
  broadcast xx.xx.xx.yy
  netmask   255.255.255.224
  gateway   xx.xx.xx.zz

# Adding IPv6 part here
iface eth0 inet6 static
  # Main address of the network - Notice the 2 at the end! 1 is the Gateway at my network.
  address 2a01:4f8:140:54e4::2
  netmask 64
  # You should get this address from your server provider.
  gatway 2a01:4f8:140:54e4::1
  # additional addresses
  # attrib.org
  up ip addr add 2a01:4f8:140:54e4::3/64 dev eth0
  down ip addr del 2a01:4f8:140:54e4::3/64 dev eth0

The second part is the interesting part. My main IP is the one with the 2 at the end. But I could picked every other IP, which is in the range given to me. But as you're always getting a complete IPv6 range we can give every single domain and sub-domain a separate IP address. To make use of this we have listen to all this other IPs too.

See the end of my configuration file with "up ip addr add 2a01:4f8:140:54e4::3/64 dev eth0" the network device eth0 also listens to the IP with the ending 3, which is the IP only this domain. You can repeat the last two lines for each sub-domain and domain you have.

Either restart your network now so these changes take effect or call from your console:

sudo ip addr add 2a01:4f8:140:54e4::3/64 dev eth0

Step 2

Next you need to add this IPv6 to your domain. This step is highly depending where you registered your domain. At best look into your control panel of your domain and look how you can add a AAAA record. Also you can look for rDNS (reverse DNS) entries and add reverse DNS entries for each IPv6 to a domain.
In my case I can directly edit the zone file of the DNS server and added the following lines:

@                        IN AAAA    2a01:4f8:140:54e4::3
www                      IN AAAA    2a01:4f8:140:54e4::3

The first line is for all sub-domains, while the second is only for the sub-domain www. As I don't have any sub-domains I just send everything to the main IP. But you could also add other sub-domains with a different IP there, as long as you added this in Step 1.

Changes in the DNS records sometimes take a while. So don't worry if you don't get your IPv6 right away. Wait a couple of hours and try again.

Step 3

Now any body with a working IPv6 network will come to your server with the IPv6 address. Only thing left is to tell Apache to deliver content to the IPv6 address.

In the standard config of apache it Listen to Port 80 on every IP, even IPv6. If you like you can stop here now and leave everything as it is and it should work.

I wanted to separate my virtual hosts so I always get the correct page, when visiting the site with the IP and not the first virtual host like with IPv4.

NameVirtualHost xx.xx.xx.xx:80
Listen xx.xx.xx.xx:80

In /etc/apache2/ports.conf I changed the "Listen 80" to "Listen [IPv4]:80".

In my virtual host file I added the Listen for the IPv6 and added the IPv6 address to the virtual host. Now the apache handles IPv6 requests correctly. In the apache configuration you have to use square brackets around your IP address like "[2a01:4f8:140:54e4::3]".

Listen [2a01:4f8:140:54e4::3]:80

<VirtualHost xx.xx.xx.xx:80 [2a01:4f8:140:54e4::3]:80>
  ServerName attrib.org
  ...
</VirtualHost>

Last thing now is to restart apache so the changes getting loaded.

Test

There is a test web site - http://ipv6-test.com/validate.php - where you can enter your domain and it checks if the AAAA record is set and the apache answers. At this point this should pass or you did something wrong. ;)

Add new comment

Filtered HTML

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <blockquote> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
By submitting this form, you accept the Mollom privacy policy.