IPv6 & Linux - HowTo - Part 4
Version: 3.19c from 2001-06-14
(P) & (C) 1997-2001 by Peter Bieringer <pb@bieringer.de>,
see copyright notice for
more details
Original site of publishing: http://www.bieringer.de/linux/IPv6/;
suggestions, comments and improvements are welcome!
Additional Applications
If you miss hint for the old inet6-apps based stuff, please goto Obsoletes
This section is now in building progress again, using glibc-2.1 based
software...growing slowly (depending on given time)
For quickstart, look at given URLs on the status
page
Contents
-
Electronic mail (SMTP & POP)
-
World Wide Web (HTTP)
-
Network autoconfiguration
-
Secure shell for protected connection over the Internet
-
TCP Network throughput measurements
apache (HTTP server)
Why?
apache is a widely used HTTP server and IPv6 enabled by the KAME
project
URLs:
Additional information:
-
For apache2 testers: (current in beta state) compiles normally clean
with native IPv6 support
By me tested version and filename:
-
1.3.14:
-
1.3.19:
-
Additional information: patch and configure options for EAPI and SSL are
disabled because of interferences with the IPv6 enabling patch
Contents:
After rebuild a complete apache package
Rebuilding of packet, installation
-
Install SRPMS (destination is normally /usr/src/redhat/SOURCES/):
-
rpm -ihv apache-version-release.src.rpm
-
Copy the IPv6 enabling patch also to source directory:
-
cp pathto/apache-version-v6-ipv6-release.diff.gz
/usr/src/redhat/SOURCES/
-
Copy the new SPEC fileMove into the source directory:
-
cd pathto/apache-specfile-version.spec /usr/src/redhat/SPECS/
-
Rebuild package (good luck!)
-
rpm -ba /usr/src/redhat/SPECS/apache-specfile-version.spec
-
You should get 3 new packages afterwards (stored in /usr/src/redhat/RPMS/i386/)
-
apache-version-release+IPv6.i386.rpm
-
apache-devel-version-release+IPv6.i386.rpm
-
apache-manual-version-release+IPv6.i386.rpm
-
Make a backup of your existing apache configuration
-
tar czf /root/httpd-conf-`date +'%Y%m%d-%H%M%S'` /etc/httpd/conf/
-
Install (be sure what to do):
-
Replace existing package
-
rpm -Fhv /usr/src/redhat/RPMS/i386/apache-version-release+IPv6.i386.rpm
-
Install on a native system
-
rpm -ihv /usr/src/redhat/RPMS/i386/apache-version-release+IPv6.i386.rpm
-
Configure and restart the service (you should know how to do this...)
Configuration
Be sure to enable only the really needed modules in /etc/httpd/conf/httpd.conf.
Each more module can be a potential security hole. For normal run, only
following modules are needed:
config_log_module, agent_log_module, referer_log_module, mime_module,
negotiation_module, includes_module, autoindex_module, dir_module,
alias_module, access_module, auth_module, setenvif_module
Here is an example of a configuration shown for an IPv6 only listening
virtual webserver:
<VirtualHost 3ffe:400:100::1>
ServerAdmin webmaster@bieringer.de
ServerName www.ipv6.bieringer.de
DocumentRoot /somewhere/pub
CustomLog "/somewhere/logs/www.ipv6.bieringer.de-log" combined
ErrorLog "/somewhere/logs/www.ipv6.bieringer.de-error"
<Directory "/somewhere/pub">
AllowOverride AuthConfig Limit
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
thttpd (HTTP server)
Why?
thttpd is a native IPv6 supporting HTTP server (not fullfeatured
like apache, but has native IPv6 support
and can be configured to be very secure!)
URLs:
By me tested version and filename:
http://www.acme.com/software/thttpd/thttpd-2.20.tar.gz
Contents:
| Application |
Path |
Description |
| thttpd |
/usr/local/sbin/thttpd |
HTTP server |
Unpacking, configuration and installation
Similar to other software packages described here
Source package contains configure, therefore no special hints
are needed.
See included INSTALL and README for details
-
Move into the source directory:
-
Unpack the new source:
-
tar xzf pathto/thttpd-version.tar.gz -C
/usr/src
-
Move into the source directory:
-
cd /usr/src/thttpd-version
-
Run configure
-
Now compile:
-
make clean; make
You should get no errors!
-
And install:
-
make installthis; make install-man
Manual and binary are copied (normally) to the directories in /usr/local
See online manpage for further details.
Hints:
-
By specifying an IPv6 address for binding to (e.g. with option "-h"),
thttpd
will bind only to that and not to other IPv4 addresses. So you can setup
an IPv6 only HTTP server!
-
You cannot bind to an IPv6 only port, if this port is already bind by an
IPv4 application with "bind option *"
-
I got this in the case of a running IPv4 apache on the same host
-
Solution: change apache binding to a dedicated IPv4 address
-
old: Listen *:80
-
new: Listen 192.168.1.1:80
mozilla (HTTP client/browser)
Why?
mozilla is a native IPv6 supporting HTTP browser
URLs:
By me tested version and filename:
Binaries: mozilla-i686-pc-linux-gnu-sea-20010102
Contents:
| Application |
Path |
Description |
| mozilla |
/opt/mozilla |
HTTP browser |
Unpacking, configuration and installation
Perhaps additional needed RPM packages for compiling: glib-devel,
gtk+-devel,
ORBit-devel
If "configure" informed you that there are missing also other
things, try my utility rpmfsu
to find the relating RPM package.
Similar to other software packages described here
Source package contains configure, therefore
no special hints are needed.
See included INSTALL and README
for details
Hint: for compiling this tarball, you need about
1.3
GByte disk space (and in my case don't run afterwards).
But don't be worry, the available binary tarball
is already IPv6 enabled. Unpack the binary package somewhere and run "mozilla"
in the binary directory.
-
Change to directory /opt
-
Unpack tarball
-
tar xzf pathto/mozilla-i686-pc-linux-gnu-version.tar.gz
-
Rename created directory
-
Run mozilla
A list of sites for testing IPv6 HTTP transport is
available at IPv6.org: http://www.ipv6.org/v6-www.html
You can also try my server at home, perhaps I'm
online, dynamic tunnel is up and my IPv6 only webserver is running:
http://gate.muc.ipv6.bieringer.de/
Router ADVertisement Daemon
Maintained by Lars Fenneberg <lf@elemental.net>,
extended by Nathan Lutchansky <lutchann@litech.org>
Why?
If you want to test IPv6 subnet autoconfiguration initialized by Linux
routers therefore you need the router advertisement daemon.
URLs:
Version and filename of the packet:
Latest version I have tested is radvd-0.6.2pl3-1.src.rpm,
installed as RPM package after a local rebuild
Additional information:
-
There is a known but still unsolved problem using 0.6.2 with a Linux kernel
2.2.x with an older USAGI-patch.
-
Error message in syslog:
can't join ipv6-allrouters on eth0
syntax error in config file: /etc/radvd.conf
-
Problem of USAGI-patch, should be fixed in latest release
-
Other temporary solution: use 0.5.0 instead or a kernel 2.2.x without
USAGI patch (second should be for routers not critical)
-
The version distributed with RH 7.1 powertools has a bug in the startup
script:
-
Fix:
-[ x${NETWORKING_IPV6} = "xyes" ] && exit 0
+[ x${NETWORKING_IPV6} = "xyes" ] || exit 0
Contents:
| Application |
Path |
Description |
| radvd |
/usr/sbin/radvd |
Router advertisement daemon |
| radvdump |
/usr/sbin/radvdump |
Router advertisement dump (debug) |
Package: Rebuilding and installation
-
Rebuild package
-
rpm --rebuild your-path/radvd-version.src.rpm
-
Install package
-
rpm -ihv /usr/src/redhat/RPMS/target/radvd-version.target.rpm
Tar-Ball: Unpacking, compilation and installation (last
review on 0.5.0)
-
Move into the source directory, create a main directory and change into
it
-
cd /usr/src; mkdir radvd; cd radvd
-
Unpack the new source:
-
tar xzf your-path/radvd-version.tar.gz
-C /usr/src
-
Move into the source directory:
-
cd /usr/src/radvd-version
-
Configure the compile options:
-
./configure --sysconfdir=/etc
-
Now compile:
-
make clean; make
You should get no errors!
-
And install:
-
make install
Manual and binary are copied to the subdirectories in /usr/local
-
Copy the radvd.conf sample into the config directory:
-
cp radvd.conf.example /etc/radvd.conf
-
Install the startup script file, an example you can get here /etc/rc.d/init.d/radvd
-
cp radvd /etc/rc.d/init.d/
-
Check given values in the startup script file /etc/rc.d/init.d/radvd
# Location of radvd binary
BINRADVD="/usr/local/sbin/radvd"
# Location of radvd config file
CONFRADVD="/etc/radvd.conf"
# Additional RADVD options (see manpage for more details=
OPTIONSRADVD=""
# No additional option
General: Configuring and starting
-
Set proper values by editing the config file /etc/radvd.conf
-
Try starting
-
/etc/rc.d/init.d/radvd start
-
If ok, take a look into the syslog (where radvd normally log events)
-
tail -f /var/log/daemon or tail -f /var/log/messages
(depending on the settings in your syslog config file /etc/syslog.conf)
Secure SHell (OpenSSH)
IPv6-enabled by the maintainers
Why?
The original ssh can't handle IPv6 addresses and can't be used in a mixed
environment. So a ported version is needed.
URLs
-
Main site: http://www.openssh.com/
-
RedHat RPM packages
-
for 6.2 the OpenSSL as binary at ftp://ftp.redhat.com/redhat/updates/6.2/
-
for 7.0: included in distribution
Additional information:
Because of a major security issue, you should update
to versions 2.5.2 or higher immediately!
Version and filename of the packet:
Latest version I've tested for IPv6 are openssl-0.9.5a
+ openssh-server-2.3.0p1
+ openssh-2.3.0p1
+ openssh-clients-2.3.0p1(but
please use always the newest version!)
Installation:
-
Download RPM packages, remove existing ssh-RPMs (if already installed)
and install openssl and openssh packages
Configuration:
-
For enabling option to bind on IPv6 port edit the
configuration file: /etc/ssh/sshd_config
-
#ListenAddress 0.0.0.0
-
ListenAddress ::
-
Add "-6" in startup script to enable IPv6:
/etc/rc.d/init.d/sshd
-
/usr/sbin/sshd -6 && success "sshd
startup" || failure "sshd startup
Usage:
-
Test, if sshd listen on IPv6 port:
[root@gate i386]# netstat -A inet6 -ln | grep 22
tcp 0
0 :::22
:::*
LISTEN
-
Client using IPv6:
-
ssh -6 ipv6address
-
ssh -6 hostname.ipv6.domain.net
-
Hint: don't worry, if you see no listening IPv4 port, an connect over IPv4
will work, too, client using IPv4:
Troubleshooting:
-
Trouble: sshd is suddenly gone in the process list and you can
no longer connect via SSH (and also, no LISTEN port is seen), this might
be happen because the precompiled openssh-RPM is strange and perhaps not
compiled with the latest kernel source (2.2.16)
-
Solution: rebuild the SRPM openssh-2.1.1p4-1.src.rpm
with
-
rpm --rebuild package.src.rpm
-
Builded binary packages are found after compiling at /usr/src/redhat/RPMS/i386/
TTCP
IPv6-ported by Marc Mosthav <MOSTHAVM@plcman.siemens.co.uk>,
minor glibc-2.1 fix by Peter Bieringer <pb@bieringer.de>
Why?
It's for measuring the TCP network throughput from one host to another.
The original software can't handle IPv6 addresses and can't be used
in a mixed environment. So a ported version is needed.
Version and filename of the packet:
Current IPv6 enabled release is ttcp/ttcp+ipv6-2.tar.bz2
Contents:
| Application |
Path |
| ttcp6 |
/usr/local/bin/ttcp6 |
Unpacking, configuration and installation
-
Move into the source directory, create a main directory and change into
it
-
cd /usr/src; mkdir ttcp; cd ttcp
-
Unpack the new source:
-
tar xIf your-path/ttcp-version.tar.bz2
-
Move into the source directory:
-
Now compile:
-
make clean; make
You should get no errors!
-
And install:
-
make install
The binary is copied to the directory /usr/local/bin
Usage:
-
Server: ttcp6 -r
-
Client: ttcp6 -t HOSTNAME
Try also ttcp6 {-?|-h} for more information.
PTCP
IPv6-ported by Marc Mosthav <MOSTHAVM@plcman.siemens.co.uk>,
minor glibc-2.1 fix by Peter Bieringer <pb@bieringer.de>
Why?
It's for measuring the TCP network throughput by roundtrips.
The original software can't handle IPv6 addresses and can't be used
in a mixed environment. So a ported version is needed.
Version and filename of the packet:
Current IPv6 enabled release is ftp://ftp.bieringer.de/pub/linux/IPv6/ptcp/ptcp+ipv6-2.tar.bz2
Contents:
| Application |
Path |
| ptcp6 |
/usr/local/bin/ptcp6 |
Unpacking, configuration and installation
-
Move into the source directory, create a main directory and change into
it
-
cd /usr/src; mkdir ptcp; cd ptcp
-
Unpack the new source:
-
tar xIf your-path/ptcp-version.tar.bz2
-
Move into the source directory:
-
Now compile:
-
make clean; make
You should get no errors!
-
And install:
-
make install
The binary is copied to the directory /usr/local/bin
Usage:
-
Server: ptcp6 -s
-
Client: ptcp6 -c HOSTNAME
Try also ptcp6 {-?|-h} for more information.