Feeds

Adventures in Tech: Dive on in, the IPv6 is lovely

Blub blub blub, no really it's great

  • alert
  • submit to reddit

The next step in data security

What's in AAAA name?

The final step to your 128 bits of fame is to set up DNS records for the IPv6-enabled server. Initially I'm not going to bother with reverse-lookup (PTR) records, though I will do so eventually.

So all I need is the forward mapping from my example.com name to the IPv6 raw address. For an IPv4 address that's an 'A' record in DNS lingo. For an IPv6 address, with 4 times as many bits, it's an 'AAAA' record. Humour: we've heard of it.

That new record looks something like this:

ipv6.example.com. IN AAAA WWWW:XXXX:YYYY:ZZZZ::2

All my DNS stuff is built with scripts which build BIND9 config files from a hosts file, and I haven't yet adjusted them to recognise IPv6 addresses yet, so I had to slip the new record by pretending it was a mail record for now. Another rough-edge to clear up later!

But now with that AAAA record published and propagated I can put...

http://ipv6.example.com/

...in the browser on my MacBook and, ta-da, I'm in like Flynn!

After I'd tested that to my satisfaction I also added an AAAA record for example.com alongside the existing A records, so anyone enabled for IPv6, without any further effort and using the same search engine or URL, may silently get to use a IPv6 connection to the site instead.

And indeed, after a day or so to let the DNS records finish propagating, about 0.2 per cent of the traffic to my example.com site is over IPv6 with no other changes. I can see from the logs what appear to be fairly normal browsing patterns.

The site has risen without a trace!

Scouting for browsers

As described above there are various jobs to be done to make everything more robust, such as the reverse lookup (from IPv6 address to name) PTR records, the geo-location stuff, even putting IPv6 glue records in DNS ensuring that an IPv6-only client could get to the new server starting with the URL.

There are some more subtle tasks such as not handing out IPv4 addresses or IPv4-only URLs to clients that arrive over IPv6, in case they are not dual-stack, though that should be very rare for now.

But, all in all, the upgrade was a fairly painless journey and ensures that I'm well prepared as more traffic, eg, from mobile devices, is over IPv6.

Give it a whirl yourself, with a stealthy IPv6 launch. Get your pilot projects done sooner than later: be prepared, not panicked. ®

Bootnote

Security and trust: The backbone of doing business over the internet

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.