Am 30.03.2012 20:23, schrieb Bob Hoffman: > I imagine some day in the near future there will be a switch to ipv6. Wrong. There will be no switch. IPv6 is just being added while IPv4 continues to function. Both will coexist for a long time yet. > I cannot imagine ever remembering the ip address then...crazy. Don't worry. You will. Well, not the autoconfigured ones for sure, but those you choose yourself, they'll cling to your brain after some time just as 192.168 does today. > My question, since i have never done ip6 stuff, is what does that mean > on my webservers? Not much, really. You just give them IPv6 addresses and they'll work with them just like they do with the IPv4 addresses today. > Would I just need to replace my ip4 with ip6 in my eths, bonds, bridges, > and configuration files...and copy out my iptables to ip6tables, and > change the dns servers? That would be a really bad transition plan. Don't switch - migrate. Don't replace IPv4 - add IPv6 alongside. IPv6 is designed to coexist with IPv4. > anything especially daunting to make that switch (save from someone > having to do that on 100 computers really fast!!) DNS reverse zones take some getting used to. Apart from that, it's really straightforward and doesn't differ that much from setting up an IPv4 address range: 1. Get a suitable IPv6 address range from your provider. The regular size for companies is /48, but a /56 is fine too. (If your provider is unable to give you one, get a better provider. If you have a really good reason for sticking with a provider that is so behind the times that it still cannot provide IPv6, you might use a tunnel broker, but that's a bit more complicated.) Also create an IPv6 reverse DNS zone for your address range on your DNS server and get it delegated from your provider so that you can manage reverse resolution yourself. (Otherwise you'll have to ask your provider to create every PTR RR you need for you.) 2. Configure your firewall to route and announce a /64 subnet of the IPv6 address range you got to each of your LANs. 3. Give your machines IPv6 addresses in addition to their IPv4 ones. (Many of them will have gotten one automatically already via autoconfiguration, but those aren't pretty or easy to remember, so you may want to assign another one instead or in addition.) Leave the IPv4 addresses in place so that existing connections will continue to work. 4. Add those addresses to the machines' DNS entries as AAAA records. Again, don't remove the IPv4 addresses (A records), they're still needed for communication partners who aren't IPv6 capable yet. Also add corresponding PTR records to the IPv6 reverse zone. That's it. At that point your machines will be reachable via IPv6 in addition to working with IPv4 as before. (Well, of course there'll be a lot of tedious details like logfile analyzers not understanding the IPv6 address format, access control lists needing additional entries for the new addresses, users phoning the help desk because addresses look strangely different, etc. But nothing fundamentally new or incomprehensible.) HTH Tilman