Quickstart                                                      with Squid                      © Ralf Schwoebel          ...
Content•   Intro•   Tasks of a Webmaster•   IPv6 in less than 20 Minutes using SQUID•   Problems•   Tools                 ...
Intro – about Ralf• eCommerce since 1995• Developer (PHP, Perl, HTML5, etc.) and SEO• Founder and CEO of tradebit.com• Imp...
Tasks of a webmaster•   Prepare and maintain the server(s)•   Enabling 3rd Party Services•   Secure the server(s)•   Updat...
IPv6 in less than....          20 minutes!                        © Ralf Schwoebel               puzzler@tradebit.com / tw...
Setup Sketch                       IPv4 Round Robin / etc.                           IPv6 SQUIDIPv4                    Web...
Do I have IPv6?                      © Ralf Schwoebel             puzzler@tradebit.com / twitter: trabit
IPv6 in less than 20 minutes!• New dedicated servers support IPv6, thanks!                         © Ralf Schwoebel       ...
IPv6 in less than 20 minutes!• Configuring Linux (CentOS/RHEL)  http://www.cyberciti.biz/faq/rhel-redhat-fedora-centos-ipv...
IPv6 in less than 20 minutes!• Nameserver                        © Ralf Schwoebel               puzzler@tradebit.com / twi...
Using Squid• IPv6 in less than 20 minutes...    1                                                    3    http://www.squid...
Using Squid• IPv6 in less than 20 minutes - Confighttp://[2607:f0d0:1301:2c::2]/                                      © Ra...
Using Squid: Good!• All delivery works• CDN: tricky, but doable• Important Ports work: 80, 443, 21, 22, 25, etc.• ip6table...
Using Squid: Safer & Faster!               Transparent Proxy with Squid                                                   ...
Using Squid – Problems?• A site is more than port 80• Squid helps on any port, but:  – HTML5 Websockets = persistent conne...
The tools• PureFTPd: works on IPv6 natively• Ip6tables: yes, but SNORT: double workload!• Fraud tracking/protection GeoIP ...
PureFTPd• Works on same box: IP-less config!                         © Ralf Schwoebel                puzzler@tradebit.com ...
IP6Tablesiptables    -A   INPUT    -p   tcp    --dport         21 -j ACCEPTiptables    -A   INPUT    -p   tcp    --dport  ...
PHP Forwarded-for  $_SERVER[HTTP_X_FORWARDED_FOR]         (not $_SERVER["REMOTE_ADDR"])    IPv6 needs to be checked sepera...
Statistics[root@tbv6-1 ~]# wc -l testtail.txt1,654,630[root@tbv6-1 ~]# grep ":" testtail.txt |wc -l7,908Roughly 0.5% in 3 ...
Conclusion• Dedicated Server with SQUID enables you for  IPv6 in less than 20 minutes• Specific serverside solutions might...
© Ralf Schwoebelpuzzler@tradebit.com / twitter: trabit
ThanksI am available for questions:Ralf SchwoebeleMail:      puzzler@tradebit.comTwitter:    trabitXING:       https://www...
Upcoming SlideShare
Loading in …5
×

How to make your website IPv6 ready (quickly)

3,681 views

Published on

My presentation from the IPv6 congress in Frankfurt with the popular Heise Publishing house and the DE-CIX organization bringing people from all levels of the Internet business together. It helps webmasters to make their site quickly IPv6 ready in a VERY short time and for a minimal budget!

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
3,681
On SlideShare
0
From Embeds
0
Number of Embeds
6
Actions
Shares
0
Downloads
15
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

How to make your website IPv6 ready (quickly)

  1. 1. Quickstart with Squid © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  2. 2. Content• Intro• Tasks of a Webmaster• IPv6 in less than 20 Minutes using SQUID• Problems• Tools © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  3. 3. Intro – about Ralf• eCommerce since 1995• Developer (PHP, Perl, HTML5, etc.) and SEO• Founder and CEO of tradebit.com• Implemented IPv6 – as far as possible! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  4. 4. Tasks of a webmaster• Prepare and maintain the server(s)• Enabling 3rd Party Services• Secure the server(s)• Updating software packages• etc.• NOT: thinking about IPv6 © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  5. 5. IPv6 in less than.... 20 minutes! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  6. 6. Setup Sketch IPv4 Round Robin / etc. IPv6 SQUIDIPv4 Web Server Web Server SSH Server FTP ServerLegacy Setup,grown over Caching Server / Memcache Search Server / Sphinxyears,FTP, Web, NFS DB Server DB Server Geo IP CDNMemcache, Sphinx,MySQL Master/Slaves, STORAGE STORAGE STORAGE STORAGEGeoIP DB, etc. © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  7. 7. Do I have IPv6? © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  8. 8. IPv6 in less than 20 minutes!• New dedicated servers support IPv6, thanks! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  9. 9. IPv6 in less than 20 minutes!• Configuring Linux (CentOS/RHEL) http://www.cyberciti.biz/faq/rhel-redhat-fedora-centos-ipv6-network-configuration/ © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  10. 10. IPv6 in less than 20 minutes!• Nameserver © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  11. 11. Using Squid• IPv6 in less than 20 minutes... 1 3 http://www.squid-cache.org/Versions/2 Works! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  12. 12. Using Squid• IPv6 in less than 20 minutes - Confighttp://[2607:f0d0:1301:2c::2]/ © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  13. 13. Using Squid: Good!• All delivery works• CDN: tricky, but doable• Important Ports work: 80, 443, 21, 22, 25, etc.• ip6tables available! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  14. 14. Using Squid: Safer & Faster! Transparent Proxy with Squid images HTML PHP javascript server side code css © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  15. 15. Using Squid – Problems?• A site is more than port 80• Squid helps on any port, but: – HTML5 Websockets = persistent connections! – Self coded, IP based tools (think Geo-IP) fail © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  16. 16. The tools• PureFTPd: works on IPv6 natively• Ip6tables: yes, but SNORT: double workload!• Fraud tracking/protection GeoIP © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  17. 17. PureFTPd• Works on same box: IP-less config! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  18. 18. IP6Tablesiptables -A INPUT -p tcp --dport 21 -j ACCEPTiptables -A INPUT -p tcp --dport 80 -j ACCEPTiptables -A INPUT -p tcp --dport 443 -j ACCEPTiptables -A INPUT -p tcp --dport 16803 -j ACCEPTip6tables -A INPUT -p tcp --dport 21 -j ACCEPTip6tables -A INPUT -p tcp --dport 80 -j ACCEPTip6tables -A INPUT -p tcp --dport 443 -j ACCEPTip6tables -A INPUT -p tcp --dport 16803 -j ACCEPT# -iptables -A INPUT -j DROPip6tables -A INPUT -j DROP © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  19. 19. PHP Forwarded-for $_SERVER[HTTP_X_FORWARDED_FOR] (not $_SERVER["REMOTE_ADDR"]) IPv6 needs to be checked seperately! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  20. 20. Statistics[root@tbv6-1 ~]# wc -l testtail.txt1,654,630[root@tbv6-1 ~]# grep ":" testtail.txt |wc -l7,908Roughly 0.5% in 3 days! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  21. 21. Conclusion• Dedicated Server with SQUID enables you for IPv6 in less than 20 minutes• Specific serverside solutions might stop working © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  22. 22. © Ralf Schwoebelpuzzler@tradebit.com / twitter: trabit
  23. 23. ThanksI am available for questions:Ralf SchwoebeleMail: puzzler@tradebit.comTwitter: trabitXING: https://www.xing.com/profile/Ralf_SchwoebelDownload: http://www.slideshare.net/extremelongusername © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit

×