I have been running Webmin / Virtualmin for numerous years but have always run ip4. My new servers offer extra ipv6 addresses which I am looking into.
The primary server is a 12 thread (6 core) with 64GB memory and 500GB storage plus addition NFS storage. The second server is only a 12 thread with 4 GB memory and 256GB store. Currently everything is running on a third server (8 thread 4 GB) while I set up the new ones.
I am looking at extending the offerings of hosting services to the local area and so am in the process of setting up services required and hence the purchase of new servers.
I was wondering about offering dedicated ipv6 addresses rather than sharing the limited number of ip4 addresses I have access to.
Is this feasible and does virtualmin support ipv6 fully.
I haven’t got the new servers public yet, but have them fairly well set using ip4 including postfix with SNI, and full SSL support etc. but have limited number of ip4 addresses on offer. I run CentOS 7.9 at the moment. I want to ensure every domain is on their own as such, when it comes to settings. Their own mail settings, ftp settings, etc not host settings.
This is where I want to ensure there is full security, and encryption for each server and still offer dedicated addresses etc.
Can I have a dedicated ipv6 address and a shared ip4 address allocated to a domain for example?
I’ve had little experience with ipv6 at this stage. So any help or ideas appreciated. Someone told me I needed multiple ipv6 address for each domain - ? If so then if so should I try and get more ipv6 addresses at the start.
I’m not sure how many sites I’m hoping for but currently I have 20 odd domains and 10 or so active sites on my small server which barely causes a dent in usage. (Many people just want custom emails and landing pages.)
Also I use part of the servers for my own development and hobby so I like to keep ip address seperate from clients where-ever possible.
Currently only CentOS, Redhat, Fedora, Debian and Ubuntu Linuxes are supported for IPv6 configuration by Virtualmin.
It is possible for a system to have a shared v4 address and private v6, or vice versa. But according to the Virtualmin docs, that kind of setup is not recommended it can make diagnosing SSL certificate problems difficult.
Not sure if the recommendation is for the shared v4 address and private v6 setup or the vice-versa setup or both though. @Joe would be able to help with clarifying that part.
You don’t need multiple v6 for a single domain but getting sufficient v6 addresses would be a good idea regardless as they are aplenty and it’s always good to have extra addresses in case your clients want more for whatever reason.
With regards to setting up ipv6 on your server(s), the process is quite simple and the steps are well-documented in the docs. You can check it out here: https://www.virtualmin.com/ipv6/
Do note that Nginx+FPM seems to have weird upstream issues with ipv6 though. Not sure if the problem is with ipv6 compatibility or with my nginx/fpm configuration but there seems to be a ton of threads in ServerFault, StackOverflow and other forums mentioning the same issue.
I spoke with my server host and he has enable ipv6 and allocated a range for me to use ::2/64 subnet (::1 is used as the gateway).
I’ve added it to the network settings etc and modified the default plans to use. I’ve only tried it on a test so far.
Apparently I initially got a bit confused with address and the global address, Link local and Unique local that are used and not alloccated to each node etc. (IE Don’t need 3 address each).
I need to now go through webmin and virtualmin and enable and allocate where necessary the ip6 addesses.
Is there a way to get existing servers to auto allocate an ipv6 address as it does when creating new so everyone has their unique ip or do I need to go through each one and manually allocate?
Can the ip4 address be removed from each domain as that is a shared address. There doesn’t seem an option to not allocate the ip4 address.
Ony if you are sure 100% that users custommers, website visitors, connected devices and other Apps are using a 100% working ipv6 only, mostly that is then a NO
Take care of the reverse dns/ptr records at your hoster for the ipv6 you use on box
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.