Beijing time, November 26, 2019 afternoon news, according to foreign media reports, the European Network Coordination Centre (RIPE NCC), which is responsible for the allocation of Internet resources in the UK, Europe, the Middle East and parts of Central Asia, announced recently that all 4.3 billion IPv4 addresses in the world have been allocated. This means that there are no more IPv4 addresses to assign to ISPs (Internet service providers) and other large network infrastructure providers. — Source network News (Sina)

On November 26, 2019, the news about the exhaustion of IPv4 addresses made a big splash in the news media.

But it seems that the application for IPv6 was opened back in 2014, maybe even earlier? But I did not go to the specific time for research. My first knowledge of IP address was that my teacher said “IPv4 is limited” in school, but at that time I didn’t have much concept of “limited”, because it was still too far away for me at that time.

Without further further, I wrote “How to upgrade Nginx seamlessly” before, and just after this happened to apply for two IPv6 nodes have completed the review, so you can experience the world of IPv6. Currently, two IPv6 nodes are applied: one is the Los Angeles node in the United States, and the other is the Hong Kong Node in China.

(Ps: China - inland nodes are not within the scope of open nodes, if necessary, it is necessary to purchase from domestic service providers. At present, it is understood that most IPv6 nodes need to pay according to the flow, which is not cheap at present)

If you use a domestic cloud server, consult customer service/technical support to determine whether the IPv6 tunnel service can be built by yourself.

At present, the result of my technical support consultation with the cloud server provider is that the third-party tunnel service is allowed to be built by myself. Of course, if there is a need, they also provide the domestic version of IPv6 network service for purchase. Specific needs specific consultation.

I can neither recommend nor guarantee that it is better. After all, I try new things with the mentality of learning.

Concrete build tutorial I will not expand to write, otherwise suspected ¥%…… & * (…

01 – The process of establishing an IPv6 service

However, the general process from the IPv4 to IPv6 establishment to the final service running can be said.

  1. The IPv6 tunnel is bound to your IPv4 address
  2. The network adapter supports and configures IPv6 information
  3. Nginx enables the IPv6 support module(It is enabled by default after the upgrade.)
  4. Nginx Server configuration updated(This is simple, and the configuration is small)
  5. Run commands to access the IPv6 address website to check whether the IPv6 network adapter works properly(Flow out)
  6. Verify that the IPv6 Nginx/ service is working properly by using test websites/tools such as IPv6 test(Flow in)

After the configuration is complete, you can access the Internet using IPv6IPv6 access to the Internet. JPG

Nginx IPv6 configuration

server {
  listen 80;  # Listening port IPv4
  listen[: :] :80;  # Listening port number IPv6

  # listen [::]:80 ipv6only=on;
  # Ipv6only =on tag needed to be added
  # I would advise you not to believe too much, unless you have a very low version of Nginx, there is a high probability that nginx-t will not pass
}
Copy the code

IPv6 Access Test (Traffic out)

ping6 -c 4 ipv6.baidu.com # Baidu is currently only accessible through a secondary domain name

ping6 -c 4 google.com # Google can be accessed directly using ipv6
Copy the code

IPv6 Service Access Test (Incoming Traffic)

In my current situation, the relevant ports, firewalls and routing rules have been configured, but the test of the deployed IPv6 Web server has not passed. It is not clear where the problem is. I’m not familiar enough with Linux to be able to pinpoint the cause at a glance, but here’s what I know for sure:

  1. The AAAA record has taken effect.
  2. DNS resolution normally points to an IPv6 address.
  3. The login to the local IPv6 Web server is normal and the log is recorded.
  4. Run the ping6 AAAA command to record the response without packet loss.
  5. The IPv6 test feedback is that the connection timed out.

02 – Related to equipment

NOTE: When behind a firewall appliance that passes protocol 41, use the IPv4 address you get from your appliance’s DHCP service instead of the IPv4 endpoint you provided to our broker. — HE.net (RFC 2473)

Note that if the current device is behind the firewall of protocol 41, use the server's own Intranet IP address instead of the IPv4 address provided by the IPv6 tunnel provider.

If it is their own server (non-cloud server) so here you need to carry out their own debugging, or consult the access line operators (large probability can not answer or let you buy IPv6 services).

The last

  1. Relatively few websites are currently accessible using IPv6.
  2. If the IPv6 service is required, you are advised to convert data from IPv6 to IPv4 to adapt to the transition period.
  3. Cloud service providers have relevant IPv6 services to be considered.
  4. At present, the websites and resources of domestic universities have begun to support IPv6, but according to the statistics, the support amount is less than 30% of the total.
  5. The IP address is accessible through IPv6International Internet, such asgoogle,youtube,twitter,facebookAnd so on.
  6. ** can learn, do not abuse, abide by the law. 支那

Copyright: this article belongs to the author Lin Lin Lin Xiaoshuai, shall not be reproduced without authorization and second modification. Reproduced or cooperation please leave a message and contact information in the background.