Feeds

Adventures in Tech: Dive on in, the IPv6 is lovely

Blub blub blub, no really it's great

  • alert
  • submit to reddit

Internet Security Threat Report 2014

What's in AAAA name?

The final step to your 128 bits of fame is to set up DNS records for the IPv6-enabled server. Initially I'm not going to bother with reverse-lookup (PTR) records, though I will do so eventually.

So all I need is the forward mapping from my example.com name to the IPv6 raw address. For an IPv4 address that's an 'A' record in DNS lingo. For an IPv6 address, with 4 times as many bits, it's an 'AAAA' record. Humour: we've heard of it.

That new record looks something like this:

ipv6.example.com. IN AAAA WWWW:XXXX:YYYY:ZZZZ::2

All my DNS stuff is built with scripts which build BIND9 config files from a hosts file, and I haven't yet adjusted them to recognise IPv6 addresses yet, so I had to slip the new record by pretending it was a mail record for now. Another rough-edge to clear up later!

But now with that AAAA record published and propagated I can put...

http://ipv6.example.com/

...in the browser on my MacBook and, ta-da, I'm in like Flynn!

After I'd tested that to my satisfaction I also added an AAAA record for example.com alongside the existing A records, so anyone enabled for IPv6, without any further effort and using the same search engine or URL, may silently get to use a IPv6 connection to the site instead.

And indeed, after a day or so to let the DNS records finish propagating, about 0.2 per cent of the traffic to my example.com site is over IPv6 with no other changes. I can see from the logs what appear to be fairly normal browsing patterns.

The site has risen without a trace!

Scouting for browsers

As described above there are various jobs to be done to make everything more robust, such as the reverse lookup (from IPv6 address to name) PTR records, the geo-location stuff, even putting IPv6 glue records in DNS ensuring that an IPv6-only client could get to the new server starting with the URL.

There are some more subtle tasks such as not handing out IPv4 addresses or IPv4-only URLs to clients that arrive over IPv6, in case they are not dual-stack, though that should be very rare for now.

But, all in all, the upgrade was a fairly painless journey and ensures that I'm well prepared as more traffic, eg, from mobile devices, is over IPv6.

Give it a whirl yourself, with a stealthy IPv6 launch. Get your pilot projects done sooner than later: be prepared, not panicked. ®

Bootnote

Internet Security Threat Report 2014

More from The Register

next story
Scrapping the Human Rights Act: What about privacy and freedom of expression?
Justice minister's attack to destroy ability to challenge state
WHY did Sunday Mirror stoop to slurping selfies for smut sting?
Tabloid splashes, MP resigns - but there's a BIG copyright issue here
Google hits back at 'Dear Rupert' over search dominance claims
Choc Factory sniffs: 'We're not pirate-lovers - also, you publish The Sun'
EU to accuse Ireland of giving Apple an overly peachy tax deal – report
Probe expected to say single-digit rate was unlawful
Inequality increasing? BOLLOCKS! You heard me: 'Screw the 1%'
There's morality and then there's economics ...
While you queued for an iPhone 6, Apple's Cook sold shares worth $35m
Right before the stock took a 3.8% dive amid bent and broken mobe drama
4chan outraged by Emma Watson nudie photo leak SCAM
In the immortal words of Shaggy, it wasn't me us ... amirite?
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.