interfasys
Verified User
No, DA should use the server's IP for most services and will use IPv6 for Apache and ProftpD.
If you want to offer the full IPv6/SSL experience to your customers, then yes, you'll have scripts to write.
IPv6
- Thread starter Dougy
- Start date
No, DA should use the server's IP for most services and will use IPv6 for Apache and ProftpD.
If you want to offer the full IPv6/SSL experience to your customers, then yes, you'll have scripts to write.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
DirectAdmin configures ProFTPd properly. At least it always has for me.
I'm not sure what happens when you compile manually; you should save your configuration files first so you can write them back if necessary.
And then: I'm not sure if special configurations need to be written for ProFTPd on IPv6; perhaps someone else does.
Jeff
I'm not sure what happens when you compile manually; you should save your configuration files first so you can write them back if necessary.
And then: I'm not sure if special configurations need to be written for ProFTPd on IPv6; perhaps someone else does.
Jeff
interfasys
Verified User
Custombuild lets you use a custom folder for special configs, so an admin just needs to use that to compile Proftpd.
As for the config, the default DA one should let users connect using IPv6.
As for the config, the default DA one should let users connect using IPv6.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,094
>The internal DirectAdmin socket code only supports IPv4 at this time.<
I'm getting ready to set up 3 more FreeBSD servers. I would say that two things are pretty much over these days for new server setups:
1. 32 bit operating systems
2. Not being IPV6 Capable
I'd like to continue to use DirectAdmin if possible.
I'm getting ready to set up 3 more FreeBSD servers. I would say that two things are pretty much over these days for new server setups:
1. 32 bit operating systems
2. Not being IPV6 Capable
I'd like to continue to use DirectAdmin if possible.
nobaloney
NoBaloney Internet Svcs - In Memoriam †
DirectAdmin does support FreeBSDl 8.x 64-bit systems.
DirectAdmin doesn't yet support IPv6 for DirectAdmin authentication/login; each server must have at least one IPv4 IP# for authentication and login.
IPv6 authentication/login is coming but there's no date yet.
Jeff
DirectAdmin doesn't yet support IPv6 for DirectAdmin authentication/login; each server must have at least one IPv4 IP# for authentication and login.
IPv6 authentication/login is coming but there's no date yet.
Jeff
interfasys
Verified User
There is also another issue with IPv6
The IP management page doesn't really support them.
You can add IPs, but the masks are all wrong.
It can be confusing for new users and/or people new to IPv6 that are trying to do things right.
The IP management page doesn't really support them.
You can add IPs, but the masks are all wrong.
It can be confusing for new users and/or people new to IPv6 that are trying to do things right.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,094
>DirectAdmin doesn't yet support IPv6 for DirectAdmin authentication/login; each server must have at least one IPv4 IP# for authentication and login. IPv6 authentication/login is coming but there's no date yet.<
>There is also another issue with IPv6. The IP management page doesn't really support them. You can add IPs, but the masks are all wrong.
It can be confusing for new users and/or people new to IPv6 that are trying to do things right. <
Let's use a hypothetical hosting company named MyHosing.com, to clarify the viability of using DirectAdmin with IPV6.
- MyHosting.com has a block of IPV4 addresses it can use to manage servers only. The normal IP addresses assigned to the server for users will be IPV6
- MyHosting.com is setting up a new FreeBSD IPV6 server named server1.myhosting.com.
- The new server will host 5 users, Ford, GM, MoPar, Honda, and Toyota.
- Each customer must have access to administer their sites, get e-mail, webmail, use ftp, ssh, and manage their DNS.
Questions:
1. What would MyHosting.com need to do out of the ordinary to implement this new IPV6 server?
2. What would these customers need to do out of the ordinary to use these services provided by the new IPV6 server?
Thanks!
>There is also another issue with IPv6. The IP management page doesn't really support them. You can add IPs, but the masks are all wrong.
It can be confusing for new users and/or people new to IPv6 that are trying to do things right. <
Let's use a hypothetical hosting company named MyHosing.com, to clarify the viability of using DirectAdmin with IPV6.
- MyHosting.com has a block of IPV4 addresses it can use to manage servers only. The normal IP addresses assigned to the server for users will be IPV6
- MyHosting.com is setting up a new FreeBSD IPV6 server named server1.myhosting.com.
- The new server will host 5 users, Ford, GM, MoPar, Honda, and Toyota.
- Each customer must have access to administer their sites, get e-mail, webmail, use ftp, ssh, and manage their DNS.
Questions:
1. What would MyHosting.com need to do out of the ordinary to implement this new IPV6 server?
2. What would these customers need to do out of the ordinary to use these services provided by the new IPV6 server?
Thanks!
interfasys
Verified User
1. You will get an IPv4 server that supports additional IPv6 IPs for clients connecting from an IPv6 network.
IPv6 clients will connect to the private IPsv6 on all services as long as you don't use SSL which only works for the http service.
This box can only be managed (DA) from an IPv4 network.
You can have domains that only use IPv6 if you want.
Things to do:
2. These customers need to be on the IPv4 network or on a dual stack network if they want to be able to manage their account.
The customers of these customers can be on IPv6 or IPv4 only networks.
How does that sound?
IPv6 clients will connect to the private IPsv6 on all services as long as you don't use SSL which only works for the http service.
This box can only be managed (DA) from an IPv4 network.
You can have domains that only use IPv6 if you want.
Things to do:
- You need to make sure that you compile all software with IPv6 support (Exim, Proftpd, etc.)
- You need to check that all config files are IPv6 ready
- Optional: You need to write custom scripts so that the config files (Exim, etc.) are changed every time you change IPs and/or SSL cert in DA
2. These customers need to be on the IPv4 network or on a dual stack network if they want to be able to manage their account.
The customers of these customers can be on IPv6 or IPv4 only networks.
How does that sound?
Last edited:
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,094
Thank you for clarifying these issues.
>How does that sound? <
It sounds like that while some work may have been done in some of the easier to implement areas, DirectAdmin doesn't really work with IPV6. Correct me if I'm wrong, but I assume from this:
1. If I simply prepare a minimal install server as required by DA, with an IPV6 address assigned to that server, and a secondary IPV4 address bound a public interface, after the install completes, I do not have a server that supports IPV6 for Apache, and few if any of the other services.
2. What logically follows is changes and updates performed by DirectAdmin require that I manually adjust configs altered by the update, and perhaps recompile the majority, if not all of the apps.
If that's accurate, then I'd guess that DirectAdmin needs to address this situation in the near term. Users of their product will won't knowingly commit to something there is a good possibility will no longer work for them in less than two years. They will feel compelled to evaluate other products. The bigger the "fish", the further ahead they look for potential problems like this. DA getting their IPV6 act together "just-in-time", is actually getting it together "just-a-little-too-late" IMHO.
Thanks!
>How does that sound? <
It sounds like that while some work may have been done in some of the easier to implement areas, DirectAdmin doesn't really work with IPV6. Correct me if I'm wrong, but I assume from this:
1. If I simply prepare a minimal install server as required by DA, with an IPV6 address assigned to that server, and a secondary IPV4 address bound a public interface, after the install completes, I do not have a server that supports IPV6 for Apache, and few if any of the other services.
2. What logically follows is changes and updates performed by DirectAdmin require that I manually adjust configs altered by the update, and perhaps recompile the majority, if not all of the apps.
If that's accurate, then I'd guess that DirectAdmin needs to address this situation in the near term. Users of their product will won't knowingly commit to something there is a good possibility will no longer work for them in less than two years. They will feel compelled to evaluate other products. The bigger the "fish", the further ahead they look for potential problems like this. DA getting their IPV6 act together "just-in-time", is actually getting it together "just-a-little-too-late" IMHO.
Thanks!
interfasys
Verified User
I've modified my original statement since it was wrong and misleading. There is more of a problem with the SSL/IP combo than there is with IPv6.
1. You do get a server that can accept connections from the IPv6 network on all ports, offering all services (except DA).
The same server will offer the same services on the IPv4 network, but with less IPs. Domains can have both types so a customer can connect to http via IPv4, but his mobile is retrieving his emails via IPv6.
2. Custombuild should be updated to support IPv6. I guess if enough people ask for it, it will happen
. I think only ProFTPd and Exim need to be modified. Regarding the configs, if you don't intend on fully supporting SSL, it should work out of the box.
I think JBMC Software has only 3 things to do:
update DA itself
update custombuild
make sure the multi-IP system works
support SSL configuration on all services
#2 is easy, #3 is almost there, no idea about #1 and I doubt #4 will happen.
So all in all, there not that far.
I'm using a dual-stack system myself and it works quite well.
1. You do get a server that can accept connections from the IPv6 network on all ports, offering all services (except DA).
The same server will offer the same services on the IPv4 network, but with less IPs. Domains can have both types so a customer can connect to http via IPv4, but his mobile is retrieving his emails via IPv6.
2. Custombuild should be updated to support IPv6. I guess if enough people ask for it, it will happen
. I think only ProFTPd and Exim need to be modified. Regarding the configs, if you don't intend on fully supporting SSL, it should work out of the box.I think JBMC Software has only 3 things to do:
update DA itself
update custombuild
make sure the multi-IP system works
support SSL configuration on all services
#2 is easy, #3 is almost there, no idea about #1 and I doubt #4 will happen.
So all in all, there not that far.
I'm using a dual-stack system myself and it works quite well.
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,094
That sounds more manageable than what I was thinking.
You have a bleak assessment on that one for some reason?
interfasys
Verified User
Because they could have done it a long time ago for IPv4, but saw no compelling reason to do so, so I doubt this will change with IPv6.
Why would it be acceptable for a user to have to bypass errors and read certificates closely when he's using the ftp, pop, imap or smtp protocols, when it's deemed unacceptable to have an invalid cert in a browser?
The main reason to buy a cert is to be able to trust the connection, so it should work on all protocols linked to the user IP.
But that's another discussion...
IT_Architect
Verified User
- Joined
- Feb 27, 2006
- Messages
- 1,094
I didn't think about that. Probably because they can get away with it because people don't feed in credit card information on those.
If they didn't support http, they wouldn't be able to sell DA to anybody. Your logic has me agreeing with you on that point. Unless something forces that hand, it won't happen. IPV6 support is a deal-breaker. More so than even an http cert would be. Because of that, I will be looking until there is support for it within DA.Thanks!
interfasys
Verified User
My advice: If you have IPsv6, add them to a test box asap. See how it goes, get a hang of it. See if any of your custom configs break, tune your firewall, etc.
DA is mostly ready and when they will be, so will you
DA is mostly ready and when they will be, so will you
My advice: If you have IPsv6, add them to a test box asap. See how it goes, get a hang of it. See if any of your custom configs break, tune your firewall, etc.
DA is mostly ready and when they will be, so will you
I eagerly await that day..
- Joined
- Feb 27, 2003
- Messages
- 8,509
Hello,
What's left on our end is:
1) Get DA itself to listen on IPv6 IPs. This will need some re-learning of socket coding for IPv6 on my part, but the amount of code wont be huge.
2) Add IPv6 support to our licensing system. This might be easier since it's mostly text comparisons, however it will be much more work as IPs affect almost all of the pages.
Right now, DA works with IPv6 (probably needs more polish, but works).. .but the box still needs 1 IPv4 for the license (and for DA to listen on)
John
What's left on our end is:
1) Get DA itself to listen on IPv6 IPs. This will need some re-learning of socket coding for IPv6 on my part, but the amount of code wont be huge.
2) Add IPv6 support to our licensing system. This might be easier since it's mostly text comparisons, however it will be much more work as IPs affect almost all of the pages.
Right now, DA works with IPv6 (probably needs more polish, but works).. .but the box still needs 1 IPv4 for the license (and for DA to listen on)
John
Come on John, get crackin'. I want to have the box easy to manage for clients etc like it is for v4 now without me having to custom compile etc.
