- Posted in: Admin-tips, Networks
This is going to be a really short post, but for someone it could save an hour of life.
So, you’ve nothing to do and you’ve decided to play around with IPv6 or maybe you’re happened to be an administrator of a web service that needs to support IPv6 connectivity and you need to make your nginx server work nicely with this protocol.
First thing you need to do is to enable IPv6 in nginx by recompiling it with --with-ipv6 configure option and reinstalling it. If you use some pre-built package, check if your nginx already has this key enabled by running nginx -V.
The results should have --with-ipv6 option in configure arguments:
1 2 3 4 5 | [root@node ~]# nginx -V nginx version: nginx/0.7.64 built by gcc 4.1.2 20080704 (Red Hat 4.1.2-46) TLS SNI support disabled configure arguments: --with-ipv6 ... --prefix=/opt/nginx |
After you’ve got your nginx binary with IPv6 support, you need to enable it by changing listen directives in your configuration file.
If your server binds to all interfaces/IPs, you already have listen 80 or something like that in your file. Those lines should be changed to make sure you tell your nginx to bind on both IPv4 and IPv6 addresses:
1 | listen [::]:80; |
For situations when you do not want to listen on IPv4 interfaces, there is ipv6only=on parameter:
1 | listen [::]:443 default ipv6only=on; |
For configurations that need to bind to specific ip addresses you could use similar notation:
1 | listen [2607:f0d0:1004:2::2]:80; |
After changing your configs and testing them you need to restart (not reload) your nginx process and then check your system port bindings to make sure it works as expected:
1 2 3 | [root@node ~]# netstat -nlp | grep nginx tcp 0 0 :::80 :::* LISTEN 23817/nginx tcp 0 0 :::443 :::* LISTEN 23817/nginx |
This is it, now you can add AAAA records to your main domain name or just create a dedicated ipv6.yourcompany.com sub-domain and show it to your friends 🙂