Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Quickstart                                                      with Squid                      © Ralf Schwoebel          ...
Content•   Intro•   Tasks of a Webmaster•   IPv6 in less than 20 Minutes using SQUID•   Problems•   Tools                 ...
Intro – about Ralf• eCommerce since 1995• Developer (PHP, Perl, HTML5, etc.) and SEO• Founder and CEO of tradebit.com• Imp...
Tasks of a webmaster•   Prepare and maintain the server(s)•   Enabling 3rd Party Services•   Secure the server(s)•   Updat...
IPv6 in less than....          20 minutes!                        © Ralf Schwoebel               puzzler@tradebit.com / tw...
Setup Sketch                       IPv4 Round Robin / etc.                           IPv6 SQUIDIPv4                    Web...
Do I have IPv6?                      © Ralf Schwoebel             puzzler@tradebit.com / twitter: trabit
IPv6 in less than 20 minutes!• New dedicated servers support IPv6, thanks!                         © Ralf Schwoebel       ...
IPv6 in less than 20 minutes!• Configuring Linux (CentOS/RHEL)  http://www.cyberciti.biz/faq/rhel-redhat-fedora-centos-ipv...
IPv6 in less than 20 minutes!• Nameserver                        © Ralf Schwoebel               puzzler@tradebit.com / twi...
Using Squid• IPv6 in less than 20 minutes...    1                                                    3    http://www.squid...
Using Squid• IPv6 in less than 20 minutes - Confighttp://[2607:f0d0:1301:2c::2]/                                      © Ra...
Using Squid: Good!• All delivery works• CDN: tricky, but doable• Important Ports work: 80, 443, 21, 22, 25, etc.• ip6table...
Using Squid: Safer & Faster!               Transparent Proxy with Squid                                                   ...
Using Squid – Problems?• A site is more than port 80• Squid helps on any port, but:  – HTML5 Websockets = persistent conne...
The tools• PureFTPd: works on IPv6 natively• Ip6tables: yes, but SNORT: double workload!• Fraud tracking/protection GeoIP ...
PureFTPd• Works on same box: IP-less config!                         © Ralf Schwoebel                puzzler@tradebit.com ...
IP6Tablesiptables    -A   INPUT    -p   tcp    --dport         21 -j ACCEPTiptables    -A   INPUT    -p   tcp    --dport  ...
PHP Forwarded-for  $_SERVER[HTTP_X_FORWARDED_FOR]         (not $_SERVER["REMOTE_ADDR"])    IPv6 needs to be checked sepera...
Statistics[root@tbv6-1 ~]# wc -l testtail.txt1,654,630[root@tbv6-1 ~]# grep ":" testtail.txt |wc -l7,908Roughly 0.5% in 3 ...
Conclusion• Dedicated Server with SQUID enables you for  IPv6 in less than 20 minutes• Specific serverside solutions might...
© Ralf Schwoebelpuzzler@tradebit.com / twitter: trabit
ThanksI am available for questions:Ralf SchwoebeleMail:      puzzler@tradebit.comTwitter:    trabitXING:       https://www...
Upcoming SlideShare
Loading in …5
×

How to make your website IPv6 ready (quickly)

3,862 views

Published on

My presentation from the IPv6 congress in Frankfurt with the popular Heise Publishing house and the DE-CIX organization bringing people from all levels of the Internet business together. It helps webmasters to make their site quickly IPv6 ready in a VERY short time and for a minimal budget!

Published in: Technology
  • Be the first to comment

  • Be the first to like this

How to make your website IPv6 ready (quickly)

  1. 1. Quickstart with Squid © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  2. 2. Content• Intro• Tasks of a Webmaster• IPv6 in less than 20 Minutes using SQUID• Problems• Tools © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  3. 3. Intro – about Ralf• eCommerce since 1995• Developer (PHP, Perl, HTML5, etc.) and SEO• Founder and CEO of tradebit.com• Implemented IPv6 – as far as possible! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  4. 4. Tasks of a webmaster• Prepare and maintain the server(s)• Enabling 3rd Party Services• Secure the server(s)• Updating software packages• etc.• NOT: thinking about IPv6 © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  5. 5. IPv6 in less than.... 20 minutes! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  6. 6. Setup Sketch IPv4 Round Robin / etc. IPv6 SQUIDIPv4 Web Server Web Server SSH Server FTP ServerLegacy Setup,grown over Caching Server / Memcache Search Server / Sphinxyears,FTP, Web, NFS DB Server DB Server Geo IP CDNMemcache, Sphinx,MySQL Master/Slaves, STORAGE STORAGE STORAGE STORAGEGeoIP DB, etc. © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  7. 7. Do I have IPv6? © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  8. 8. IPv6 in less than 20 minutes!• New dedicated servers support IPv6, thanks! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  9. 9. IPv6 in less than 20 minutes!• Configuring Linux (CentOS/RHEL) http://www.cyberciti.biz/faq/rhel-redhat-fedora-centos-ipv6-network-configuration/ © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  10. 10. IPv6 in less than 20 minutes!• Nameserver © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  11. 11. Using Squid• IPv6 in less than 20 minutes... 1 3 http://www.squid-cache.org/Versions/2 Works! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  12. 12. Using Squid• IPv6 in less than 20 minutes - Confighttp://[2607:f0d0:1301:2c::2]/ © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  13. 13. Using Squid: Good!• All delivery works• CDN: tricky, but doable• Important Ports work: 80, 443, 21, 22, 25, etc.• ip6tables available! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  14. 14. Using Squid: Safer & Faster! Transparent Proxy with Squid images HTML PHP javascript server side code css © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  15. 15. Using Squid – Problems?• A site is more than port 80• Squid helps on any port, but: – HTML5 Websockets = persistent connections! – Self coded, IP based tools (think Geo-IP) fail © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  16. 16. The tools• PureFTPd: works on IPv6 natively• Ip6tables: yes, but SNORT: double workload!• Fraud tracking/protection GeoIP © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  17. 17. PureFTPd• Works on same box: IP-less config! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  18. 18. IP6Tablesiptables -A INPUT -p tcp --dport 21 -j ACCEPTiptables -A INPUT -p tcp --dport 80 -j ACCEPTiptables -A INPUT -p tcp --dport 443 -j ACCEPTiptables -A INPUT -p tcp --dport 16803 -j ACCEPTip6tables -A INPUT -p tcp --dport 21 -j ACCEPTip6tables -A INPUT -p tcp --dport 80 -j ACCEPTip6tables -A INPUT -p tcp --dport 443 -j ACCEPTip6tables -A INPUT -p tcp --dport 16803 -j ACCEPT# -iptables -A INPUT -j DROPip6tables -A INPUT -j DROP © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  19. 19. PHP Forwarded-for $_SERVER[HTTP_X_FORWARDED_FOR] (not $_SERVER["REMOTE_ADDR"]) IPv6 needs to be checked seperately! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  20. 20. Statistics[root@tbv6-1 ~]# wc -l testtail.txt1,654,630[root@tbv6-1 ~]# grep ":" testtail.txt |wc -l7,908Roughly 0.5% in 3 days! © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  21. 21. Conclusion• Dedicated Server with SQUID enables you for IPv6 in less than 20 minutes• Specific serverside solutions might stop working © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit
  22. 22. © Ralf Schwoebelpuzzler@tradebit.com / twitter: trabit
  23. 23. ThanksI am available for questions:Ralf SchwoebeleMail: puzzler@tradebit.comTwitter: trabitXING: https://www.xing.com/profile/Ralf_SchwoebelDownload: http://www.slideshare.net/extremelongusername © Ralf Schwoebel puzzler@tradebit.com / twitter: trabit

×