Server, perhaps connected with IPv6

Root server with IPv6-only KVM guests (IV): The IPv6-first guide


Root ser­ver with IPv6-only KVM guests

About two years ago I star­ted imple­men­ting a ser­ver set­up which is based on vir­tu­al machi­nes for the ser­vices and a phy­si­cal host orches­tra­ting them. The spe­cial fea­ture was that all vir­tu­al machi­nes are only con­nec­ted via IPv6. I only nee­ded IPv4 on the phy­si­cal host and on vir­tu­al machi­nes with ser­vices whe­re an exter­nal IP pro­to­col con­ver­si­on was impos­si­ble (hel­lo, e‑mail…).

Server, perhaps connected with IPv6

Ser­ver, perhaps con­nec­ted with IPv6

Ori­gi­nal­ly, I plan­ned five to six arti­cles in this seri­es. I publis­hed three: One about the basic set­up of the phy­si­cal host, one about the basic set­up of the vir­tu­al machi­nes and one about how to imple­ment an e‑mail ser­ver on this set­up. Unfor­tu­n­a­te­ly, things got a bit stuck after that. The arti­cles about web ser­vers, inte­gra­ti­on with Let’s Encrypt and imple­men­ting a Crypt­pad instance were somehow finis­hed but I never got them „over the line” and online.

Nevertheless, I used my com­pu­ter with all the­se sche­mes con­stant­ly (and still use it, you just read this arti­cle on it…) and even star­ted imple­men­ting it on other sys­tems. I found some mista­kes and short­co­mings in the set­up and cor­rec­ted them in the blog arti­cles. I even got some amount of feed­back from peop­le who – suc­cess­ful­ly – used my inst­ruc­tions to imple­ment the descri­bed IPv6-based ser­ver sche­mes on their own ser­vers. Mar­vell­ous!

By July 2020, two things hap­pen­ed – total­ly unre­la­ted but almost at the same time. First was a leng­thy con­ver­sa­ti­on with a rea­der of my arti­cles. He tried to imple­ment the ser­ver with Ubun­tu 20.04 and ran into stran­ge pro­blems. I also had tried this set­up once by the end of May 2020, but I did not dig real­ly deep into it and over­saw the pro­blems.

The second thing was my com­pa­ny. We deci­ded to move some pro­duc­tion sys­tems onto a new ser­ver clus­ter and tho­se ser­vers should – for the first time – also be vir­tua­li­zed and IPv6-based for the main com­mu­ni­ca­ti­on chan­nels.

Both inci­dents lead me deeper into my set­up again. I che­cked the Ubun­tu 20.04 pro­blems and was able to cir­cum­vent the pro­blem, which I think is rai­sed by the sys­temd-net­workd dae­mon. I fixed some quirks in the IPv4 con­fi­gu­ra­ti­on. I added infor­ma­ti­on about rou­ting, fixed a bunch of – well – incor­rect state­ments and over­all brought the docu­ments back in shape.

And I deci­ded, that some blog arti­cles are not suf­fi­ci­ent as base for the ongo­ing work on this docu­men­ta­ti­on. So, I moved ever­ything into Asciidoc docu­ments, reor­ga­ni­zed and sor­ted it and made a „real” lar­ge gui­de docu­ment of it (which I some­ti­mes refer to as „book”…).

So, bad news: Today, the arti­cle seri­es about IPv6 net­wor­king on KVM set­ups in this blog ends. But, good news: It is repla­ced by a much bet­ter docu­ment! Just look for

The IPv6 First Gui­de – Net­work Con­fi­gu­ra­ti­ons With Linux And KVM

Read it as HTML docu­ment on http://​ipv6​-first​-gui​de​.hill​brecht​.de.

Read it as PDF docu­ment on http://​ipv6​-first​-gui​de​.hill​brecht​.de/​i​p​v​6​-​f​i​r​s​t​-​g​u​i​d​e​.​pdf.

Or down­load or brow­se its Asciidoc sources on https://​git​hub​.com/​d​i​r​k​h​i​l​l​b​r​e​c​h​t​/​i​p​v​6​-​f​i​r​s​t​-​g​u​ide.

The gui­de does not only inclu­de the (updated) con­tent of the blog arti­cles, but also all the stuff which was unpu­blis­hed so far. Name­ly:

  • How to obtain SSL cer­ti­fi­ca­tes from Let’s encrypt
  • How to set­up web ser­vers on IPv6-only machi­nes and make them acces­si­ble from IPv4 cli­ents
  • How to install a Crypt­pad instance on a IPv6-only machi­ne and make it acces­si­ble from IPv4

The­se are rather lar­ge topics and I am qui­te hap­py that I final­ly mana­ged to publish all this stuff.

I have released the who­le gui­de under the CC-BY-SA licen­se, so feel free to get it, enhan­ce it, cor­rect it.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.