Welcome IPv4 user

One year on

It has been almost a year since my last post here. The first World IPv6 Day has come and gone. There is now a little more awareness of IPv6 - which is definitely a good thing. But looking back on what I was blogging about a year ago and I realise that very little has actually changed.

I helped out with getting South Africa's biggest technical news and discussion site turned up for IPv6. MyBroadband got a AAAA record just in time for IPv6 Day and since then its been uneventful. More on that another day.

I was quite surprised when talking to a local cloud server provider that they were under the impression that World IPv6 Day was the first time that IPv6 had been used for real stuff. Paraphrasing their response slightly: "The first tests with IPv6 were only completed a few weeks ago. We don't think that there is any reason for us to be deploying such an immature technology"

Another person still stuck in the first phase of their mourning for the demise of IPv4 - DENIAL.


exim over IPv6 on cPanel

Exim has a mature IPv6 implementation and it is likely to be the first thing to start using the IPv6 connection you setup on your cPanel server. Most other services will only be used when you add a AAAA record to the relevant DNS zone.

Since SMTP also makes outbound connections it will immediately attempt to use IPv6 when attempting to communicate with other IPv6 capable mail servers. For this reason care should be taken when enabling IPv6 as it can potentially cause mail delivery problems. Ensure that at the very least the rDNS entries for your server's IP are correctly configured.

My biggest concern with mail delivery over IPv6 is that many antispam solutions do not properly understand an IPv6 address. Depending on how well a particular server is setup it may accept IPv6 mail or potentially discard it randomly and unpredictably. It is important to be reviewing you logs to identify mails that are being delivered (or not) over IPv6.

Configuring inbound mail also requires some care to ensure that your spam filters do not reject IPv6 email. It is currently fairly safe to apply an accept all rule matching all IPv6 mail but this is not going to continue.

cPanel normally uses the same A record for your website and your mail. For this reason I suggest that you don't just add a AAAA to your sites main hostname since this will cause slowdowns on your website if your IPv6 setup is not perfect. The solution to this is to add a new A record for specifically for mail: mx.yourdomain.co.za. Then add an AAAA for the same hostname and adjust your MX records to point to your new hostname.

You then want to get someone to send you mail via IPv6. The easiest way to do this is to join a mailing list that runs on IPv6 enabled servers.


An IPv6 enabled cPanel server

This is the first in a series of posts about getting cPanel ready for IPv6. The developers of cPanel have claimed that IPv6 is on their roadmap but have as yet not even released an ALPHA with IPv6 capabilities. This is surprising since almost all the underlying services that that cPanel manages already have IPv6 support and many of them are trivial to activate.

cPanel uses bind under the hood to provide DNS. Bind has mature IPv6 support and is the ideal candidate for getting going with a dual-stack cPanel environment.

cPanel is capable of loading AAAA DNS records into DNS zones. These AAAA records are the primary IPv6 DNS records for mapping a hostname to an IPv6 address. This can be done via the 'Edit DNS zone' feature that is available in the WebHost Manager but is not available on the simple DNS editor in the cPanel interface.

Serving AAAA responses is one thing but you also want your DNS server to communicate on IPv6. The first step is to make sure that your server has IPv6 connectivity. This can be checked by loging in via ssh and running the command 'ping6 ipv6.google.com'. Once you are happy that you have a working IPv6 connection you can proceed to the next step:

This step requires that you are the root user on the server. You need to open the file '/etc/named.conf' in your favourite terminal text editor. You then need to add the line

listen-on-v6 { any; };

after the line

options {

You can then save the file and restart the nameserver via the web interface. If all goes well your server will be answering IPv6 DNS queries.

You can test this firstly by doing a 'dig www.mydomain.com @::1' where ::1 is the IPv6 equivalent of localhost. If that works correctly then you want to test a DNS query from another IPv6 enabled host. You know have IPv6 capable DNS servers.