Networking·3 min lezen

IPv6 Configuration

Enable and configure IPv6 on your VPS. Add addresses, firewall and connectivity test.

Check IPv6 Support

bash

# Check if IPv6 is already active
ip -6 addr show

# Check the kernel module
cat /proc/net/if_inet6 | head -5

If you have no output, IPv6might be disabled via sysctl.

Enable IPv6 in Kernel

bash

# Check current status
sysctl net.ipv6.conf.all.disable_ipv6

# If it returns 1 (disabled), enable it
sysctl -w net.ipv6.conf.all.disable_ipv6=0
sysctl -w net.ipv6.conf.default.disable_ipv6=0

To make it permanent:

bash

nano /etc/sysctl.conf

ini

net.ipv6.conf.all.disable_ipv6 = 0
net.ipv6.conf.default.disable_ipv6 = 0
net.ipv6.conf.lo.disable_ipv6 = 0

bash

sysctl -p

IPv6 Address Configuration

Ubuntu / Debian (Netplan)

bash

nano /etc/netplan/01-netcfg.yaml

yaml

network:
  version: 2
  ethernets:
    eth0:
      addresses:
        - 192.168.1.10/24          # Existing IPv4
        - "2001:db8::1/64"         # IPv6 assigned by provider
      gateway4: 192.168.1.1
      gateway6: "2001:db8::1"
      nameservers:
        addresses:
          - "8.8.8.8"
          - "2001:4860:4860::8888"  # Google DNS IPv6

Find your IPv6 address in the VirtFusion panel → Network, or use ip -6 addr show. Each VPS has a /64 or /128 block depending on the provider.

bash

netplan apply

AlmaLinux / CentOS (NetworkManager)

bash

nmcli con show           # find connection name
nmcli con mod eth0 ipv6.method manual
nmcli con mod eth0 ipv6.addresses "2001:db8::1/64"
nmcli con mod eth0 ipv6.gateway "2001:db8::1"
nmcli con up eth0

Test IPv6 Connectivity

bash

# Ping to a public IPv6 server
ping6 ipv6.google.com
ping6 2001:4860:4860::8888

# IPv6 traceroute
traceroute6 ipv6.google.com

# Check IPv6 routing
ip -6 route show

IPv6 Firewall (UFW)

UFW manages IPv4 and IPv6 with the same syntax:

bash

# Enable IPv6 in UFW
nano /etc/default/ufw
# Make sure: IPV6=yes

ufw reload

Rules: work automatically for both protocols.

bash

ufw allow 22/tcp     # SSH (IPv4 and IPv6)
ufw allow 80/tcp     # HTTP
ufw allow 443/tcp    # HTTPS
ufw enable

IPv6 Firewall (ip6tables)

If you use iptables directly:

bash

# Basic ip6tables rules
ip6tables -A INPUT -i lo -j ACCEPT
ip6tables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
ip6tables -A INPUT -p tcp --dport 22 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 80 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 443 -j ACCEPT
ip6tables -A INPUT -p icmpv6 -j ACCEPT   # NDP mandatory
ip6tables -A INPUT -j DROP

# Save rules
ip6tables-save > /etc/iptables/rules.v6

Don't block ICMPv6 like you would ICMPv4. IPv6 depends on ICMPv6 for Neighbor Discovery Protocol (NDP), which is essential for routing.

Nginx with IPv6

Make sure Nginx listens on IPv6:

nginx

server {
    listen 80;
    listen [::]:80;         # IPv6

    listen 443 ssl;
    listen [::]:443 ssl;    # IPv6

    server_name tuodominio.com;
    # ...
}

AAAA DNS Record

To make your domain work via IPv6, add an AAAA record:

tuodominio.com.    IN AAAA    2001:db8::1

Verify:

bash

dig AAAA tuodominio.com
nslookup -type=AAAA tuodominio.com

Final Verification

bash

# Assigned address
ip -6 addr show eth0

# Active routes
ip -6 route

# Outbound connectivity
curl -6 https://ipv6.icanhazip.com

# Open port on IPv6
ss -tlnp | grep ':443'

IP and Network Configuration

How to view and manage your server's IP addresses

2 min lezen

Networking

Firewall

How to configure your server's firewall with UFW or iptables

2 min lezen

Networking

DNS

How to configure your server's DNS and point a domain to your VPS

2 min lezen

Terug naar Documentatie

DeluxHost, opgericht in 2023, biedt hoogwaardige hostingoplossingen voor diverse digitale behoeften. Wij bieden gedeelde hosting, VPS en dedicated servers met geavanceerde beveiliging en wereldwijde datacenters.

Alle systemen operationeel

Animaties inschakelen