IPv6 is not exactly production ready for many reasons. Reasons are many including impossible to remember notation, double issue with security (attack can happen via IPv4 and IPv6), unlisted bad IPv6 used by attackers, hardware like router lack support etc. Out of These Issues, Some Dedicated Server May Not Have IPv6. There are various IPv6 transition mechanisms like tunneling, SIIT (Stateless IP/ICMP Translation), NAT64 etc. However we can use Nginx Reverse Proxy as it is just easy. Here is How To Add IPv6 to IPv4 Server With Nginx Reverse Proxy and Cloud Server Instance With IPv6.
Needed Resources To Add IPv6 to IPv4 Server With Nginx Reverse Proxy
We need a cloud server instance from a host which is cheap yet reliable and has IPv6 support. Aruba Cloud is an Italian bigger web hosting company who has IPv6 capable 1 GB RAM instance (VMWare virtualization) at 1 Euro per month rate. At one Euro per month, one IPv6 is not bad.
Furthermore you can use the server’s IPv4 for hosting your personal website. You should properly configure security of this new cloud server instance. You need nothing more than it. RFC 4213 specifies compatibility mechanisms that can be implemented by IPv6 hosts and routers. This is exactly what RFC 4213 details:
---
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | +-------------+ | IPv4 | | Header | +-------------+ +-------------+ | IPv6 | | IPv6 | | Header | | Header | +-------------+ +-------------+ | Transport | | Transport | | Layer | ===> | Layer | | Header | | Header | +-------------+ +-------------+ | | | | ~ Data ~ ~ Data ~ | | | | +-------------+ +-------------+ Encapsulating IPv6 in IPv4 |
How To Add IPv6 to IPv4 Server With Nginx Reverse Proxy
Spin a cloud server instance (which has IPv6 support) with Ubuntu or CentOS as server operating system. We are writing the commands, settings for Ubuntu 16.04 LTS. So install Nginx :
1 2 3 | apt update apt upgrade apt install nginx-extras |
You can see your IPv6 from that instance’s SSH with any of these commands :
1 2 | telnet myip.gelma.net curl ipv6.ipogre.com |
Go to your DNS service (which is DYN DNS in our case) and add that address as AAAA record against bare domain.
On SSH, change directory to virtual host directory :
1 | cd /etc/nginx/sites-available/ |
There is a default named file which will use as our configuration file. First empty the file :
1 | echo " " > /etc/nginx/sites-available/default |
Take that, your website is https://thecustomizewindows.com i.e. it is most complicated – has SSL, uses bare domain. For each IP, we have four probabilities of kind of URL :
1 2 3 4 | https://thecustomizewindows.com http://thecustomizewindows.com https://www.thecustomizewindows.com http://www.thecustomizewindows.com |
All of these do not need to get server block as we will use default_server or localhost loopback as server name.
Add these to /etc/nginx/nginx.conf under http context :
1 2 3 4 | proxy_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=backcache:8m max_size=50m; proxy_cache_key "$scheme$request_method$host$request_uri$is_args$args"; proxy_cache_valid 200 302 10m; proxy_cache_valid 404 1m; |
Of course you need to create the directory and give proper permission :
1 2 3 | sudo mkdir -p /var/lib/nginx/cache sudo chown www-data /var/lib/nginx/cache sudo chmod 700 /var/lib/nginx/cache |
In such case, /etc/nginx/sites-available should have :
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | ## main server port 443 block starts server { listen [::]:443 ssl http2; server_name default_server; access_log /var/log/nginx/thecustomizewindows.log combined; # ... # add ssl directives here # ... location / { proxy_pass https://thecustomizewindows.com:443; # live webiste on IPV4 proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } ## main server block ends ## port 80 server block starts server { listen [::]:80; server_name default_server; location / { proxy_pass http://thecustomizewindows.com:80; # live webiste on IPV4 proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } ## port 80 non-www server block ends |
Restart nginx after config test:
1 2 | nginx -t service nginx restart |
Testing After Following The Above Method To Add IPv6 to IPv4 Server With Nginx Reverse Proxy
In case, you do not have IPv6 enabled ISP service (that means, your computer-Internet service Provider does not support IPv6), you can use this service to browse your website via IPv6 :
1 | http://www.ipv6proxy.net |
If your IPv6 address is 2a00:6d40:40:506e::1, type your URL on the field on that webpage :
1 | https://[2a00:6d40:40:506e::1] |
and click GO button. Browse your website.
Complete Nginx Settings Of IPv6 to IPv4 Server With Nginx Reverse Proxy
We have a Github repository of Nginx IPv4 to IPv6 reverse proxy settings with exact copy-paste of our /etc/nginx/nginx.conf and /etc/nginx/sites-enabled/ files. Obviously one need to have the proper SSL certs of own (which we can not supply).
Conclusion
This is a somewhat cheating way to enable IPv6 on IPv4 only servers. Biggest advantage of this method is analyzing the usage of IPv6 by your visitors from Nginx server log. We can use Free Software like GoAccess for the analysis of Nginx log. Thereafter we can take more serious step for IPv6 transition.
Tagged With https://thecustomizewindows com/2016/11/add-ipv6-ipv4-server-nginx-reverse-proxy/ , proxy 50na50 , nginx reverse proxy ipv6 to ipv4 , ipv6 to ipv4 proxy , nginx ipv6 to ipv4 , nginx ipv6 proxy_set_header , x videos https ipv6 , https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1827 LUmrtFFRWBXlyxJxVW8LgDj3_VIQ4Pd-N-6xELAwI5bScKIGDZGa753sFhsaW9H- 38f067c548172700ed211f92952fd3b045ea43e3&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme , how to add aaaa to nginx , ipv6 502