Infrastructure/IPv6

From FedoraProject

< Infrastructure(Difference between revisions)
Jump to: navigation, search
(geoip pain)
(todo: libowfat is done, review submitted for opentracker)
 
(9 intermediate revisions by one user not shown)
Line 24: Line 24:
  
 
# Discover and use native IPv6 connectivity if offered in each of our data centers.
 
# Discover and use native IPv6 connectivity if offered in each of our data centers.
## Telia is reported to have it
+
## Telia is reported to have it, but only for BGP customers (e.g. no us.)
## Options:  6to4 gateway server, or 6to4 on each public-facing (static IP) server.
+
## Options:  6to4 gateway server, or 6to4 on each public-facing (static IP) server.  Note: We have decided to only use native IPv6, not tunnels.
 
# Convert services one by one to serve IPv6 natively.
 
# Convert services one by one to serve IPv6 natively.
 
## Proxy Servers
 
## Proxy Servers
Line 32: Line 32:
  
 
Goals:
 
Goals:
 
  
 
== Specific resources needed ==
 
== Specific resources needed ==
* publictest instance in PHX for the 6to4 gateway and/or a proxy server which itself uses 6to4.
+
* existing resources are sufficient.  IPv6 will be enabled on existing hosts where it makes sense.
 
+
  
 
== IPv6 Capabilities by Data Center ==
 
== IPv6 Capabilities by Data Center ==
  
* PHX - unknown
+
* PHX - none available.
 
* PHX2 - hardware capable, but native routing not configured, and no plans to enable.
 
* PHX2 - hardware capable, but native routing not configured, and no plans to enable.
* telia - native IPv6 available, need address space delegations
+
* telia - native IPv6 available, but only to BGP customers.
 
* tummy - none available.  Request filed with Kevin Fenzi.
 
* tummy - none available.  Request filed with Kevin Fenzi.
 
* serverbeach - none available.
 
* serverbeach - none available.
* ibiblio - native IPv6 available, dynamic addresses assigned on ibiblio1 and its guests already.
+
* ibiblio - native IPv6 available, dynamic addresses assigned on ibiblio1 and its guests already.  Static IP range declared by us, using ::fed0:* for host address part.
 
* BU - not available yet, but testing will begin Spring 2010 with plans for production use by Fall 2010.
 
* BU - not available yet, but testing will begin Spring 2010 with plans for production use by Fall 2010.
 
* osuosl - planned by "end of summer".  Check back in a few months.
 
* osuosl - planned by "end of summer".  Check back in a few months.
Line 53: Line 51:
  
 
* proxy4 (therefore web apps behind it)
 
* proxy4 (therefore web apps behind it)
** mostly set up in ~mdomsch/puppet ipv6 branch
+
** Enabled 2009-08-31
** need another IPv6 address (not stateless autoconf) for proxy4-2, then fix manifests/servergroups/proxy.pp so the v4 and v6 addresses for all the proxy4-2 match.
+
* ns2 (DNS)
** also modules/httpd/files/00-namevirtualhost.conf
+
** Enabled 2009-08-31.  Awaiting GLUE records from our domain registrar.
 
* torrent1
 
* torrent1
** however, our current tracker, bittorrent-4.4.0-5.el5 does not support IPv6
+
** our current tracker, bittorrent-4.4.0-5.el5 does not support IPv6
 
** opentracker does.  This is not packaged in Fedora yet, but the license is beerware so could be.
 
** opentracker does.  This is not packaged in Fedora yet, but the license is beerware so could be.
* ns2 (DNS)
 
 
* publictest[1234]
 
* publictest[1234]
  
 
== TODO ==
 
== TODO ==
* branch libowfat for EL-5, build it, and build opentracker
+
* branch opentracker and build for EL-5.  [https://bugzilla.redhat.com/show_bug.cgi?id=523540 review request]
 +
 
 
* add [http://en.wikipedia.org/wiki/Domain_name_system#Circular_dependencies_and_glue_records GLUE] record to NS2 with Network Solutions (domain registrar) for each domain (as needed)
 
* add [http://en.wikipedia.org/wiki/Domain_name_system#Circular_dependencies_and_glue_records GLUE] record to NS2 with Network Solutions (domain registrar) for each domain (as needed)
* add separate MaxMind IPv6 database to monthly download script, and to MMWithout this, MM can't do any geoip lookups.
+
 
 +
== Known Problems ==
 +
* for some users, particularly those on PPP connections of some sort, using the default MTU of 1500 bytes winds up being too big, and packets are getting dropped for those users.  A user can manually reduce their MTU down to say 1472, and report success(1 report)
 +
* for some users, particularly 6to4 users (2002::/16), various routers within the Internet are dropping their packets, either in getting to fedoraproject.org, or on return from fedoraproject.org. (5 reports)
 +
* If you are having trouble reading fedoraproject.org web pages while using Firefox, you can disable ipv6 lookups in Firefox.
 +
  about:config
 +
  network.dns.disableIPv6 = True
  
  
 
[[Category:Infrastructure]]
 
[[Category:Infrastructure]]

Latest revision as of 03:01, 16 October 2009

Infrastructure InfrastructureTeamN1.png


Contents

[edit] Project Sponsor

Name: Matt Domsch
Fedora Account Name: mdomsch
Group: Infrastructure
Infrastructure Sponsor: mdomsch

[edit] Secondary Contact info

Name: Jeff Garzik
Fedora Account Name: jgarzik
Group: Kernel Developers

[edit] Project Info

Project Name: IPv6 Connectivity for Infrastructure
Target Audience: IPv6-capable users
Expiration/Delivery Date (required): 12/31/2009

Description/Summary: Fedora Infrastructure services are not reachable via IPv6. This plan allows FI to serve both IPv4 and IPv6 users.


Project plan (Detailed):

  1. Discover and use native IPv6 connectivity if offered in each of our data centers.
    1. Telia is reported to have it, but only for BGP customers (e.g. no us.)
    2. Options: 6to4 gateway server, or 6to4 on each public-facing (static IP) server. Note: We have decided to only use native IPv6, not tunnels.
  2. Convert services one by one to serve IPv6 natively.
    1. Proxy Servers
    2. MirrorManager


Goals:

[edit] Specific resources needed

  • existing resources are sufficient. IPv6 will be enabled on existing hosts where it makes sense.

[edit] IPv6 Capabilities by Data Center

  • PHX - none available.
  • PHX2 - hardware capable, but native routing not configured, and no plans to enable.
  • telia - native IPv6 available, but only to BGP customers.
  • tummy - none available. Request filed with Kevin Fenzi.
  • serverbeach - none available.
  • ibiblio - native IPv6 available, dynamic addresses assigned on ibiblio1 and its guests already. Static IP range declared by us, using ::fed0:* for host address part.
  • BU - not available yet, but testing will begin Spring 2010 with plans for production use by Fall 2010.
  • osuosl - planned by "end of summer". Check back in a few months.

[edit] Potential IPv6 services given DC capabilities

As ibiblio already has IPv6 connectivity, these are the servers and their apps that could be easily enabled.

  • proxy4 (therefore web apps behind it)
    • Enabled 2009-08-31
  • ns2 (DNS)
    • Enabled 2009-08-31. Awaiting GLUE records from our domain registrar.
  • torrent1
    • our current tracker, bittorrent-4.4.0-5.el5 does not support IPv6
    • opentracker does. This is not packaged in Fedora yet, but the license is beerware so could be.
  • publictest[1234]

[edit] TODO

  • add GLUE record to NS2 with Network Solutions (domain registrar) for each domain (as needed)

[edit] Known Problems

  • for some users, particularly those on PPP connections of some sort, using the default MTU of 1500 bytes winds up being too big, and packets are getting dropped for those users. A user can manually reduce their MTU down to say 1472, and report success. (1 report)
  • for some users, particularly 6to4 users (2002::/16), various routers within the Internet are dropping their packets, either in getting to fedoraproject.org, or on return from fedoraproject.org. (5 reports)
  • If you are having trouble reading fedoraproject.org web pages while using Firefox, you can disable ipv6 lookups in Firefox.
 about:config
 network.dns.disableIPv6 = True