A rather large ballache would also be ip6tables - I saw no mention in
your post - thought I'd throw it out there also.
--
Cheers,
David JM Emmett
Sent from my iPhone
On 23 Aug 2009, at 21:50, Matt Domsch <Matt_Domsch@xxxxxxxx> wrote:
On Mon, Aug 17, 2009 at 09:22:28AM -0400, Jeff Garzik wrote:
Is there any IPv6 plan for *.fedoraproject.org ?
I filed a ticket:
https://fedorahosted.org/fedora-infrastructure/ticket/1623
and the related wiki page:
https://fedoraproject.org/wiki/Infrastructure/IPv6
to get started on this.
It would really help to get info from our kind hosting providers (PHX,
tummy, telia, ibiblio, BU, serverbeach, others?) to know exactly what
IPv6 capability is already present and how to get address assignments
for our use there.
My thought is this. MirrorManager is the most interesting service we
offer that would make direct use of an IPv6 address (to do netblock
lookups). As was noted in the now-closed ticket
https://fedorahosted.org/fedora-infrastructure/ticket/1057
we will have to enable (some of?) our proxy servers to serve over
IPv6, as that is where mirrors.fp.o and download.fp.o resolve. We
could set up a publictest proxy instance in one of the colos with
native IPv6 already, one that matches the existing proxy there, but
which also serves IPv6. We create a mirrors-ipv6.fedoraproject.org
AAA record which points at that proxy, and use that to test out the
rest of the infrastructur (which remains serving IPv4 unchanged).
This would give me a chance to work out any bugs in MM which I'm sure
exist (at the very least, python-pydns doesn't do AAAA-record lookups
and will need fixing).
The automatic Internet2 detection will need some help too, as right
now the BGP tables I'm pulling from
http://syslog.abilene.ucaid.edu/bgp/WASH/RIBS/
is only listing IPv4 addresses.
As for serving other content, if it's fronted by the proxy servers
(e.g. web content), then it should naturally start working via the
IPv6-enabled proxys. Testing will prove that out.
For non-web content (git, cvs, ssh?), I believe this is mostly hosted
in PHX, which at this point we don't believe has native IPv6. How can
we go about requesting such in the colo? I presume this is something
that Red Hat IS would have to ask for on our behalf. I'd much rather
try to get native going, instead of dealing with 6to4 (the nearest
6to4 server is 10 hops and 60+ms away) or tunnels.
fedorapeople is at BU, which has some native IPv6 capability, but it's
not clear they use it:
http://www.mrp.net/IPv6_Survey.html
As for DNS servers (serving DNS over IPv6), we have:
ns1 is at serverbeach.
ns2 is at ibiblio.
We'll need to know their native IPv6 capability before proceeding
there. This is less critical, as most users are still doing their DNS
lookups to an IPv4 DNS server at their ISP. But it would be nice.
So, that's my thoughts. I'd love to hear yours.
-Matt
--
Matt Domsch
Technology Strategist, Dell Office of the CTO
linux.dell.com & www.dell.com/linux
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
_______________________________________________
Fedora-infrastructure-list mailing list
Fedora-infrastructure-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list