Table of Contents:
Now that I have successfully managed to implement IPv6 IP addressing in my home network: what’s it like? Was it worth it?
I’ll be honest. There’s a tangible speed up when accessing some websites, but that’s about it. I’m sure there’s other benefits happening in the background, but for the moment, that’s the only difference I can discern. 😁
It took some work
It did indeed. Regular readers will know I run a test webserver on my home network, a filtering DNS server (Pi-Hole) and an internet-based VPS webserver.
Deciding to go all-out with IPv6, those had to be configured to accept IPv6 traffic as well as IPv4. Not difficult tasks, but ones that required a bit of thought.
IPv4 by default
The majority of home networking is still based on IPv4. No problem for most people, as all the network stuff happens in the background. But operating systems such as Windows and Ubuntu actually favour using IPv6 network, if they’re available. So the goal is to make IPv6 available to all my internal devices and my internet-based webserver.
Pi-Hole and internal webserver
These two servers are the only devices in my home network that require static IP addressing. I didn’t really see the point in setting up DHCP with MAC addressing to allocate static addresses for them, as there’s only two of them. I know what my IPv6 prefix is for my network, so it was an easy job just to create two static IPv6 addresses and apply it to the network interfaces.
Testing with IPv6 pings from Windows (ping -6) verified that I could reach the requisite servers.
Pi-Hole
For the Pi-Hole server, that was almost it. It now had an IPv6 address and I could look up DNS records from it using IPv6 lookups (nslookup -6) and it would return internet addresses in IPv6 format successfully. When I configured the secure DNS lookup, I configured the Quad9 servers using a DNS name (rather than an IP address), so if the Pi-Hole server looks up an address using IPv6, it’ll return the IPv6 result.
The only thing I had to manually do was enter the local IPv6 addresses of the two static servers and the IPv6 address of the router in the local DNS lookup table. And that was it!
The internal webserver
This was slightly more involved. Once the IPv6 address had been applied to the interface (and the correct routing and gateways configured), the nginx server and hosted domains had to be made aware of IPv6. This meant enabling IPv6 for port 443 (https) for all hosted sites, along with the requisite IPv6 DNS entries in the server’s internal BIND9 server. A task made a lot easier by using Webmin and Virtualmin, I might add.
I restrict access to any port other than 443 (https) on the webserver, which would also apply to IPv6. I know what my IPv6 prefix is, so an update to the existing IPv4 Firewalld rules to restrict access to my home network only was straightforward enough to do using IPv6 orientated rich rules.
A bit of verification using pings and looking at the web site access logs confirmed that I was accessing the websites using IPv6.
I use Webmin (and Virtualmin) to manage my web site domains on the webserver: that too needed some configuration for IPv6. Making sure IPv6 access was enabled and restricting IPv6 access for my local network.
Internet webserver
Readers of this post will know that I gave up Amazon Web Services in favour of my own rented VPS. A partial reason for that (apart from disliking Amazon) was that if you wanted IPv6 on AWS, you were obliged to pay for it. IONOS 1&1 (who now hosts my VPS) provides an IPv6 IP address free of charge.
It was easy enough to request an IPv6 address and add it to the server. The server has DHCP networking (standard for a hosted server) so a refresh of the network interfaces applied the new IPv6 address.
Configuring the web sites, Webmin and Firewalld was exactly the same as for the internal webserver, but of course using my allocated IPv6 prefix from IONOS.
Once I’d checked that I could access the server services from only my home network devices, I was good to go (as they say).
Wi-Fi Extenders
Now that I’d configured IPv6 all over the place, you’d think it’d work everywhere, wouldn’t you. But no. I can access everything using IPv6 from any home device, as long as it was connected to my home router. As soon as a device moved from the home router to one of my two Wi-Fi extenders, IPv6 stopped working and things went back to IPv4.
A Brave search later (for I use Brave browser nowadays) revealed that most Wi-Fi extenders (for home use) don’t support IPv6. It’s not an issue for me, as I don’t use anything that requires only IPv6 (yet), but still. It’s a poor show on the part of the home network equipment manufacturers not to support IPv6 on things like range extenders. Routers, yes. Extenders, no.
To conclude
Was all of this IPv6 malarkey worth doing? I’d say yes. If nothing else, it’s taught me a good deal about IPv6 and how it works. OK, I’ve probably just barely scratched the surface of it, but I have an understanding of how it works, I’ve managed to successfully make it work in my home networks and my internet-based web server. My perception is that some things open a bit faster, but that could be my imagination!
All-in-all I could have probably not bothered and continued with IPv4. But then I wouldn’t have had the distraction, or gained a bit more knowledge (for me to forget later!).
And of course, if the world suddenly does decide to discontinue IPv4, I’m ready. 👌