how to build ipv6 web step by step

 

1. Add an IPv6 address to your web server

The first step is to get your web server listening on an IPv6 address.

2. Add an AAAA record for your website

In order for users to find your website over IPv6, you will need to add an AAAA record for www.yourdomain.com pointing to the IPv6 address configured above.  

 

3. Add an AAAA record for your  domain

Most websites are configured to work if the user omits the “www” prefix from the name, for example http://ipv4ipv6.net

 

4. Ensure your DNS servers have IPv6 addresses

your DNS servers are accessible over IPv6

 

5. Add IPv6 glue for your nameservers, if necessary

In order to find the address for your website, a DNS resolver will first need to find the address of your nameservers. If your nameservers are in your own domain, this creates a bootstrapping problem. For example, in order to find the address for ns1.mythic-beasts.com, you need to ask the nameservers for mythic-beasts.com, which includes ns1.mythic-beasts.com. The solution to this is a glue record, a record containing the address of your nameserver which is held by the nameserver for the next zone up. In this case, the next zone up is .com, so the .com nameservers would contain glue records for the ns*.mythic-beasts.com nameservers.

 

If a nameserver has an IPv6 address, then any glue records for it should also contain that IPv6 address.

 

 

 

6. Add IPv6 addresses for your incoming mail servers

In order to receive mail over IPv6, at least some of the mail servers listed in the MX records for your domain must have IPv6 addresses. You can find the mail servers for your domain using dig:

 

 

7. Add reverse DNS for your mail servers’ IPv6 address

It is generally advisable to have working reverse DNS for any addresses from which you send outgoing mail. In the case of IPv6, this becomes pretty much essential, as one of the biggest mail providers in the world, Google, will reject mail over IPv6 unless the sending server has working reverse DNS for its IPv6 address.

 

Unless you run your own mail servers, adding support for IPv6 will be down to your mail provider.

 

Unfortunately, there is no reliable way to obtain the outgoing mail servers that are used for a particular domain, so instead our health check makes a bold assumption that your outgoing servers are the same as the incoming servers listed in your MX records, and checks those. This assumption is certainly not true of all domains, which is why a failure of this test is only treated as a warning.

 

8. Check your SPF records

 

 

add a record in cloudflare

Set Your SSL/TLS encryption mode is Flexible in cloudflare

 

step 1. add a record in cloudflare

https://dash.cloudflare.com/

 

A ipv6address.info  *.*.*.215

 

Step 2.Set Your SSL/TLS encryption mode is Flexible in cloudflare

Encrypts traffic between the browser and Cloudflare

No encryption applied between the  Cloudflare  and origal server

step 3. set nginx service listen  port 80 and proxy to local port 7600

# web server port 80 ipv6address.info

server {

    listen        80;

    listen [::]:80;

    server_name   www.ipv4ipv6.net *.www.ipv4ipv6.net;

    location / {

        proxy_pass         http://localhost:7600;

        proxy_http_version 1.1;

        proxy_set_header   Upgrade $http_upgrade;

        proxy_set_header   Connection keep-alive;

        proxy_set_header   Host $host;

        proxy_cache_bypass $http_upgrade;

        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header   X-Forwarded-Proto $scheme;

    }

}

Step 4.create kestrel-wwwipv4ipv6net.service

/etc/systemd/system/kestrel-wwwipv4ipv6net.service

[Unit]
Description=Miniblog.Core-wwwipv4ipv6net App running on Ubuntu

[Service]
WorkingDirectory=/var/www/Miniblog.Core-wwwipv4ipv6net/Miniblog.Core/src/bin/Release/net7.0/publish/
ExecStart=/usr/bin/dotnet  /var/www/Miniblog.Core-wwwipv4ipv6net/Miniblog.Core/src/bin/Release/net7.0/publish/Miniblog.Core.dll --urls http://localhost:7600
Restart=on-failure
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=dotnet-example
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

 

 

sudo systemctl daemon-reload 

sudo systemctl enable kestrel-wwwipv4ipv6net.service

sudo systemctl start kestrel-wwwipv4ipv6net.service

sudo systemctl restart kestrel-wwwipv4ipv6net.service

sudo systemctl stop kestrel-wwwipv4ipv6net.service

sudo systemctl status kestrel-wwwipv4ipv6net.service

 

sudo journalctl -fu kestrel-wwwipv4ipv6net.service --since today