IPv6 – enabling the last services – SSH, HTTP, SMTP

In this post, I’ll finish up the “usual services” for my home network. So far I’ve got IPv6 routing and DNS. Now I just want to confirm that I’ve got the rest of my “core services” accessible via IPv6.

(I’ve decided that I don’t need DHCP6 for my particular network, so I’ll be skipping that.)

My remaining core services are: SSH, HTTP and SMTP.

The SSH daemon (sshd) has been configured to listen on both IPv4 and IPv6 by default for years. In fact, it attempts to listen on the IPv6 port, even if you don’t have IPv6 enabled on the host OS. In my case specifically (OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e 6 Sep 2011), I was able to “ssh ::1” as soon as I had eth0 set up with an IPv6 address.

As for HTTP, Apache 2 (Apache/2.2.20 (Ubuntu)), there were no config changes needed. Apache2 will listen on all the addresses (IPv4 and IPv6) that are configured when the daemon starts. All that was needed was a “server apache2 restart” once the IPv6 address was configured, and the web server began answering IPv6 requests.

SMTP turns out to be a little harder. Postfix doesn’t listen on IPv6 ports by default.  You need a few config file changes in main.cf:

# listen on IPv4 and IPv6
inet_protocols = all
# add IPv6 networks to mynetworks
mynetworks = [::1]/128 [fe80::]/10 [2001:470:67:84::]/64

Then make sure you have an MX record that leads to a AAAA record, do a quick “server postfix reload”, and you’re good to go.

This wraps us the series on my home IPv6 network. There will continue to be IPv6-related posts, and I’ll be writing about our work IPv6 network beginning in mid January.

Thanks for stopping by, and if you liked the IPv6 series, please let me know or +1 this post. You can also find me on Twitter as @tomperrine



%d bloggers like this: