Welcome to the IPv6 world

This blog can now be reached over IPv6 (or ipv6.edeca.net), which is surely the final nail in the coffin of IPv4 across the internet.

After deciding that I knew little about the practical aspects of IPv6 I spoke to my VPS provider, Bytemark, and asked for some addresses. Configuring Debian was simple, as it already comes with a dual stack and just needs the public IPv6 block adding to the existing link-local address.

After a week I have seen a number of accesses to this site using IPv6. I also added an AAAA record for my mail exchanger at the same time, but so far haven’t seen any legitimate messages delivered. SSH login attempts have also been absent, which is good as apparently denyhosts doesn’t support IPv6 just yet.

It is worth considering security too. By default, ip6tables is permissive in ALLOW mode. This has security implications for link-local addresses if the attacker is on the same network segment, but definitely needs thought if you add routable IPv6 addresses. I copied my existing set of iptables rules and modified them where necessary, only allowing the essential services.

Be the first to comment from an IPv6 address!

David Cannings
David Cannings
Cyber Security

My interests include computer security, digital electronics and writing tools to help analysis of cyber attacks.